While Microsoft was making a major announcement about its Identity Management Solution, Microsoft Identity Integration Server 2003 Released to Manufacturing, their highly deployed web based user authentication product, Passport, was being hit with another security vulnerability,Microsoft patches Passport.
MIIS is not Passport, so the two issues aren't technically related. But it does give one pause. MSFT had a hard time getting Passport right and companies planning to implement the MIIS solution need to complete due diligence to confirm that the product meets their security requirements. Failing to get security right the first or second time is very common. But the MS track record places some burden on the implementers of the solution to ensure that it is, indeed, ready for prime time.
Posted by Diana at July 3, 2003 07:35 AM