Michael Kessler has seen cybercrime at its worst. The computer forensics expert and accounting fraud investigator has helped build cases against child pornographers and uncover the facts behind creepy accounting practices. But what keeps Kessler awake at night aren’t your typical criminals.

SAPand Microsoft’s "Duet" that debuted 18 months ago, is picking up pace–big time. The joint offering, which allows users to access SAP business processes from within a Microsoft Office environment, appears to be gaining popularity with companies and knowledge workers. The product already has more than 250 customers, with 400,000 licenses sold worldwide, according to Thomas Grassl, director of solution marketing for Duet at SAP.

Microsoft will issue seven security updates next Tuesday, including critical sets of patches for Windows and Internet Explorer.

The three critical updates are all for Windows components, Microsoft said in a note on the upcoming release. These components include Internet Explorer, the DirectX and DirectShow graphics software, and the Windows Media Format Runtime, which is used by Windows Media Player.

Microsoft has a long history of buying technologies that it then integrates into its own products to make them more competitive, and 2007 was no exception. The software maker made a number of acquisitions this year, both big and small, particularly in areas where it had either been late to the game (think unified communications) or where it faced enormous competition–on the advertising solution front.

Earlier this year Microsoft acquired Parlano and its Mindalign technology, an application for enterprise group chat that enables people to carry on topic-specific, multiparty instant messaging discussions that persist over time. At the time of the deal, Microsoft said Parlano’s group chat functionality would be added as a new feature of Office Communications Server.

Lets pretend that you’re responsible for email and scheduling for 60,000 employees in 60 functional groups ranging in size from 15 members to 3000. They’re all currently using Microsoft Exchange on Windows/XP desktops with Active Directory as installed in mid 2005. In that situation both the Windows desktop and active directory will be organizational givens you have no power to affect–in fact, you would typically be in the frustrating position that you get no respect for keeping Exchange running while the CIO simultaneously ignores your contributions to the organization and uses the relative stability you’ve achieved for email and scheduling to justify Active Directory, other Microsoft tools purchases, and the further imposition of centralized management on users.

On the personal side, messaging products that co-exist well with Active Directory but are functionally independent of it offer significant potential payoffs; most notably the opportunity to raise your organizational profile relative to that of others at your level. If you saved a few bucks by switching to Domino, for example, the organization’s cost of running Active Directory would be completely unaffected, but the guy running that side of the business would suddenly have to justify a much larger share of his own costs–because right now you’re carrying him, and getting no recognition for it.

The interview yesterday with MyPointRadio went great! David and Jenn were excellent hosts and the show was fun as well as informative. I had a chance to talk about the book, but what’s becoming more and more apparent is how concerned (and still relatively uninformed) regular people are about their own computer and email security.

As I do more press, I think it’ll be very important to focus on the things real people can do to safeguard themselves from online troublemakers. Since you can never hear this often enough, let’s do a quick recap of what you should do to keep yourself protected.

First, always update your operating system. Second, be sure you’re running an antivirus program and keep it updated. Third, be sure you’re running an anti-spyware program and keep that updated. Update these things daily. And, as we’ve told you over and over and over and over: NEVER OPEN ATTACHMENTS!

There’s more to online security, but if you follow these four rules, you’ll be a lot safer than when you started.

If you want to hear the entire interview, you can download it or play it off the BlogTalkRadio page. You can either hit play to play in their player or download to download an MP3 for your computer (to keep and to cherish). Both choices are safe, so go ahead and listen in. — David

Novell will be delivering a Linux-based version of Microsoft’s Silverlight cross-browser, rich Internet application technology within six months. Miguel de Icaza, vice president of developer platforms at Novell, said at the XML conference here Dec. 5 that his team wanted to ensure that Linux would not be a second-class citizen should Silverlight take off.

Silverlight is Microsoft’s response to Adobe’s Flash technology, which is essentially ubiquitous on desktops and devices. He also shed a little more light on the internal workings of the business agreement between Novell and Microsoft regarding theLinux version of Silverlight, known as "Moonlight." The two companies announced plans in September to work together on Moonlight.

Microsoft is releasing its experimental tool to help democratize Web development as an early preview for developers. Microsoft announced Dec. 5 a Community Technology Preview of Volta, an experimental developer toolkit that enables developers to build multitier Web applications using the .Net libraries, tools and techniques they already know.

Volta comes out of Microsoft’s Live Labs division and will run as an add-in to Visual Studio 2008, said Alex Daley, group product manager of Microsoft Live Labs.

Panda Security is arming customers with new software–Panda Security for Business Version 4.02SP1–that takes advantage of its "Collective Intelligence" strategy. The Madrid-based company is bringing the Collective Intelligence approach to bear with integration between the latest version of Panda Security for Business and Malware Radar, an on-demand service that provides an automated malware audit for customers.

The Collective Intelligence approach pushes malware analysis and detection into the cloud by gathering information on the latest malware threats via the Panda Collective Intelligence agent and uploading it to Panda servers. From there, it is processed and classified and ultimately remediated with a signature made available to the entire Collective Intelligence community.

Microsoft security engineer Robert Hensing had a question for the hundreds of his company’s developers seated before him: can a person’s PC become infected with a rootkit simply by opening a PowerPoint file? In the packed conference center, a smattering of developers raise their hands. Nearby, in an adjacent room, where hackers invited to speak at Microsoft’s Blue Hat conference watch the presentations on TV, an entire table of hands go up.

Even though Microsoft has spent a fortune securing Windows, experts say that hackers are moving beyond the operating system. Threats such as rootkits, which can corrupt an operating system, can now be transferred by applications or Web-based programs. A new crop of Web-connected mobile devices represent another emerging threat.