Microsoft retracts sys admin slur

NEWS Microsoft has admitted it regrets the comments made by one of its security chiefs who blamed "laid back" system administrators for making IIS web server software look more vulnerable than it really is. In a silicon.com exclusive last Friday, Ian Hellen, principal security consultant at Microsoft UK, said the company's much-maligned IIS web server software would have less security problems if system administrators took more care to update patches. The claim outraged silicon.com readers who flooded the site with their feedback. However, Microsoft today officially retracted Hellen's statements and said system administrators do "one of the toughest jobs in IT" and shouldn't carry the blame. Mark Tennant, Windows 2000 product manager at Microsoft, told silicon.com: "I don't agree with Ian's views about sys admins. They are one the most hard-working people in IT - I should know as I used to be one myself. "Microsoft is fully aware they are doing a tough job and we are here to help, not to blame them." However, Tennant agreed with Hellen's claim that Microsoft's web server software is as secure as any competing product and said that having a large installation base has distorted the statistics. "Our software gets hit by hackers because it is the most used software in the world. It is also the most popular with hackers who are looking for their five minutes of fame," said Tennant. The IIS security controversy kicked off two weeks ago when analyst house Gartner issued a stark warning against the software and urged companies to seek alternatives because of security risks.