Gates Sets Timetable For Security Improvements - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Software // Enterprise Applications
03:03 PM
Connect Directly

Gates Sets Timetable For Security Improvements

By mid-2004, even critics will be impressed by the improvements, Microsoft's chairman predicts.

Businesses should see a 180-degree improvement in the security of their Windows software environments within eight months, according to Microsoft's chairman and chief software architect, Bill Gates.

Although Microsoft's Trustworthy Computing initiative is a multiyear effort, Gates says bug-weary customers will get relief in months, not years. "By the middle of next year, I think even our critics would say, 'Wow, they've really turned this patching thing around ... This is night-and-day different. This is not a big problem for us,'" Gates said during an interview with InformationWeek on Monday, one day after his annual keynote address at the Comdex trade show in Las Vegas.

Microsoft's security-improvement program involves more-rigorous software-development techniques and bug testing, new security products, and changes in the way patches are distributed. In the near term, Gates said, the just-released Systems Management Server 2003 represents the single biggest advance in helping system administrators better cope with Microsoft's steady flow of security bulletins. The product features new vulnerability identification and assessment capabilities, a wizard that simplifies patch distribution, and improved integration with Microsoft's software-update service. As more businesses use SMS 2003 to manage the patch process, Gates predicted, the work involved will become merely "noise-level" activity.

That would be a significant turn of events. In recent months, software patching has been a major undertaking for many IT departments, causing some to re-evaluate their heavy reliance on Microsoft products. The company has issued security bulletins, on average, about once a week this year. In September, one business-technology executive sent Microsoft a letter requesting a $150,000 refund to cover the costs associated with patching his company's Windows systems. When asked whether Microsoft was prepared to share such costs with customers, Gates replied: "We've very focused on doing our best to avoid these problems."

In October, Microsoft began issuing patches once a month as a way of making updates more predictable and manageable, though the company plans to continue issuing urgent patches as soon as possible if it determines customers face immediate risk.

Concern over Windows security caused some businesses to delay signing license agreements in the quarter ended Sept. 30, Microsoft officials disclosed last month. Senior Microsoft executives, including CEO Steve Ballmer and Gates himself, are engaged in a "very rich dialogue" with customers over security-management issues, Gates said.

Another product that promises to help is Microsoft's Internet Security and Acceleration Server 2004, which was demonstrated for the first time at Comdex. An application-layer firewall, ISA Server 2004 is designed to fight the latest types of worms and network attacks and create more secure VPN connections. The product is scheduled to begin testing early next year.

Microsoft's next-generation Longhorn operating system will likely contain more lines of code than Windows XP or Windows Server 2003 do today. Yet, the expanding size of the platform and the growing use of Web services should not make future Windows environments more vulnerable to breakdowns or attacks, Gates said. The modular design of Web services and use of software modeling in the development process, he added, should result in systems that are increasingly secure.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
The State of Chatbots: Pandemic Edition
Jessica Davis, Senior Editor, Enterprise Apps,  9/10/2020
Deloitte on Cloud, the Edge, and Enterprise Expectations
Joao-Pierre S. Ruth, Senior Writer,  9/14/2020
Data Science: How the Pandemic Has Affected 10 Popular Jobs
Cynthia Harvey, Freelance Journalist, InformationWeek,  9/9/2020
White Papers
Register for InformationWeek Newsletters
Current Issue
IT Automation Transforms Network Management
In this special report we will examine the layers of automation and orchestration in IT operations, and how they can provide high availability and greater scale for modern applications and business demands.
Flash Poll