News

Why Windows Server 2008 R2 might be a safer system for your library applications

Jan 29

For once I could breathe a sigh of relief when I read a blog post last week by Adrian Kingsley-Hughes on ZDNet about the implications of running older Windows systems. We (well, those in our company over 50) all remember MS-DOS and the desire by many who ran DOS applications in the early 1990s to keep a way of using them within the Windows operating system environment. What had not been appreciated was the vulnerability of keeping this around in the operating system all these years.

Microsoft last week confirmed that every 32-bit version of Windows over the past 17 years, from Windows 7 all the way back to Windows NT 3.1, is host to a vulnerability that could allow hackers to take over a system. If this tells us one thing, it's that it's time to drop all the legacy support baggage that's buried in Windows. Perhaps it's time to move to a 64-bit operating system and run your applications for the web without risk of vulnerable legacy code.

My sighs of relief came because fortunately Soutron took the decision to create new applications in 2007 for the Library market and has already moved its library applications onto 64-bit SQL Server 2008 and Windows Server 2008 R2 (64-bit). Indeed, Soutron Client Services have just completed testing and commissioning a new data centre that is based on Windows Server 2008 R2. All of our hosted clients will now have their applications running on these servers. As one of the people responsible for ensuring the smooth running of their applications, it's one thing off the list that would otherwise keep me awake at night.

Many of the affected operating systems are now part of history and have no place on a web-facing PC, but the list of affected operating systems still includes:

  • Microsoft Windows 2000 Service Pack 4
  • Windows XP Service Pack 2 and Windows XP Service Pack 3
  • Windows Server 2003 Service Pack 2
  • Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2
  • Windows Server 2008 for 32-bit Systems & Windows Server 2008 for 32-bit Systems Service Pack
  • Windows 7 for 32-bit Systems

The vulnerability lies in the Windows Virtual DOS Machine (VDM) subsystem, a mechanism added to Windows NT 3.1 back in 1993 to allow it to run DOS applications and 16-bit Windows software. And there it's been, for 17 years.

So if your web-based library application is still running on a 32-bit server, you are open to more vulnerabilities than you possibly thought. Who would credit it that in the tenth year of the 21st century systems still include this kind of legacy code? When you look at your possible risks with web-facing applications think about

Graham Partridge, R&D Director