Microsoft's week consisted of a patch for an ASP.NET vulnerability, and a blogosphere debate over how Windows Phone can gain market share.
between Christmas and New Year's, normally slow, was somewhat busy for
Microsoft on the security front.
In the final
days of 2011, Microsoft released a security update to patch an issue associated
with Security Advisory 2659883
. The vulnerability
affects all versions of Microsoft's .NET Framework, and could allow a
denial-of-service attack on servers for ASP.NET pages.
vulnerability exists due to the way that ASP.NET processes values in an ASP.NET
form post causing a hash collision," reads the Security Advisory
, published Dec. 28. "It is
possible for the attacker to send a small number of specially crafted posts to
an ASP.NET server, causing performance to degrade significantly enough to cause
a denial-of-service condition."
The patch (MS11-100
) is rated Critical for Microsoft. "We
encourage affected customers to test and deploy the update as soon as
possible," Dave Forstrom, director of Microsoft Trustworthy Computing, wrote in
a Dec. 29 posting on the Microsoft Security Response Center
that "consumers are not vulnerable unless they are running a Web server from
larger blogosphere, debate also erupted over Microsoft's Windows Phone and its
chances against both Google Android and Apple's iOS, which currently dominate
the mobility market.
largely stemmed from a Dec. 26 blog posting
by former Microsoft employee
and Windows Phone evangelist Charlie Kindel, who dissected what he saw as the
reasons behind Windows Phone's failure to conquer more of the smartphone
market. "The device manufacturers, mobile operators, OS providers and end users
operate in an overly complex virtuous cycle," he wrote. In other words,
Microsoft is forced to "push hard" on carriers and other parties to produce and
market the line-causing friction, and slowing overall adoption.
immediately sparked discussion among analysts and pundits, including John Gruber
and MG Siegler
. At the same time, a leaked Windows
Phone road map appeared online, purporting to trace the platform's evolution
over the next year.
The road map
was first posted Dec. 27 by the blog WMPoweruser
, which declined to mention the
source. Nonetheless, if taken at face value, the document suggests that Microsoft
will follow up its recent Mango software update with additional versions aimed
at the midmarket, business users and the higher-end "superphone" segment.
quarter of 2012, according to the road map, will see the arrival of an update
labeled "Tango," which will feature "products with the best prices." This
likely means Windows Phones aimed at the midmarket, with a possible
stripped-down user interface to match the lower cost.
That will be
followed in the fourth quarter of 2012 with "Apollo," for which the road map
offers three bullet points: "increase overall volume," along with competitive
"superphones" and "business." Based on that, one can infer that Microsoft
intends the Windows Phone line to branch yet again, targeting both the
superphone (i.e., high spec) and business markets. The "increase overall
volume" could allude to Microsoft anticipating more Windows Phone units in
users' hands by the end of 2012, or else the hope that smartphones loaded with
some sort of Apollo software update will kick off a higher volume of
Whether or not
that road map proves accurate, 2012 will certainly prove a decisive year for
Follow Nicholas Kolakowski on Twitter