Microsoft Promises to Make Windows More Secure

by Timothy Prickett Morgan

Microsoft has been trumpeting its Trustworthy Computing initiative since February 2002 as a bold plan to put the company's entire code base under the microscope and to look for holes that hackers, worms, and viruses can exploit. While there is little doubt that the Trustworthy Computing effort, which has cost hundreds of millions of dollars, has made Microsoft's products more reliable and secure, there is still much work to be done.

Microsoft CEO Steve Ballmer, speaking at the Worldwide Partner Conference in New Orleans last week, did an act of contrition for the Windows faithful, promising that Microsoft would be redoubling its efforts to make Windows more secure even as hackers are getting more malicious (and some might say more successful) in disrupting the systems of consumers and commercial entities alike.

Over the next few months, Microsoft says, the company will improve its patch management processes, and the technologies behind them, to better allow users--particularly consumers and small businesses, which may not have an IT staff running their systems--to keep their machines patched and up to date, so they can repel the latest threats. To be fair to Microsoft, the Windows Update process is arguably the best such process available today: Linux systems are not quite as simple to use, and Unix and proprietary systems have extremely arcane approaches to patches that would baffle a lot of people who are not initiated into the processes. Nonetheless, with an uneducated consumer as its volume customer, Microsoft has to do things differently.

Microsoft is going to move to monthly patch releases for Windows XP and Windows Server 2003. Ballmer also said that security patch support for Windows NT 4.0 with Service Pack 6a, and for Windows 2000 with Service Pack 2, would be extended to June 2004. In the first half of 2004, Microsoft will debut a new program called Software Update Services 2.0, which it will provide for free and which will be able to patch Windows, Office, SQL Server, Exchange Server, and Visio. All Windows 2000-generation products will have a more streamlined patch install process and will only use two different installers, down from several used today. These new patch installers will have rollback capabilities for all new patches, in case something goes wrong. Microsoft will also cut down on the number of reboots it takes to patch a Windows box.

Patches are only part of the solution, and that's why Microsoft will be offering educational services, such as seminars and Webcasts (beginning in February). Microsoft will also host a developer security symposium at the Professional Developer's Conference that is being held later in October.

Ballmer also said that future Service Packs for Windows XP and Windows Server 2003 would have protective countermeasures. Windows XP Service Pack 2, due sometime in the first half of 2004, will have protections against attacks that come through ports, e-mail, malicious Web content, and buffer overflows. These are the four most popular ways to try to mess with a Windows machine. Service Pack 1 for Windows Server 2003, due in the second half of 2004, will have similar protections, as well as a means for protecting machines against hacks from mobile devices.

You can read Ballmer's full speech at the Microsoft partner event by clicking here.

Sponsored By UNISYS/MICROSOFT

Join the escape from UNIX. The Windows Data Center is here. The revolution has begun. The Windows Data Center: The low-cost, high-performance answer to complexity. Decisions about your data center never have to be made by default again. Introducing the proven alternative to UNIX: The Windows® Data Center. Featuring the Unisys ES7000 family of servers running new Microsoft® Windows Server 2003, it's a solution that brings revolutionary performance and low-cost standardization to the enterprise like never before. With mainframe-like integrity, the ES7000 and Windows Server 2003 fully optimize today's enterprise data center. It's no wonder nearly 50% of large organizations are standardizing on Windows operating systems.(1) And by focusing solely on enabling standardized, end-to-end Windows data centers, Unisys helps generate staff efficiencies, increase agility, and mitigate risks-all while achieving greater return on technology investment. So if you've had quite enough of your inflexible data center, let us help you escape. After all, nobody wants to be on the wrong side of a revolution. For More Information Call 1-800-548-3443 or visit WeHaveTheWayOut.com © 2003 Unisys Corporation and Microsoft Corporation. Unisys is a registered trademark of Unisys Corporation. Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners. (1) Unisys primary market research 1Q03.