Microsoft Chairman Bill Gates Friday sent an e-mail to some Microsoft customers updating them on the company's Trustworthy Computing initiative and reminding them that they too have a significant role to play in securing their computer systems.
In January, Gates announced the Trustworthy Computing initiative in a memo to Microsoft employees that was also released to the media. In that memo, Gates said that despite all the features added to Microsoft's products over the years, none of them were important if the products were not also secure.
"So now, when we face a choice between adding features and resolving security issues, we need to choose security," he wrote at the time.
To that end, Microsoft engineers were directed to spend the month of February reviewing Windows source code for security holes and fixing them.
In Friday's e-mail, Gates said that work took twice as long as expected, and would be extended to Microsoft Office and Visual Studio .Net in the future.
Broadening such efforts is likely needed as Microsoft has issued patches for numerous security vulnerabilities in other products besides Windows since February. In the last three months, the company has patched flaws in it SQL Server, Internet Explorer Web browser, Exchange e-mail server, debugging program and instant messaging clients.
In Friday's email Gates also touted the security assessment tools, such as Baseline Security Analyzer and Software Service Update, that Microsoft has released since January.
Microsoft customers will also have to be active participants in achieving better security, Gates wrote.
To do this, customers should use the bug-reporting features built into Office XP and Windows XP, use Windows Update to keep up to date with security patches, and use the company's security assessment tools, he wrote.
"Microsoft is fully committed to (Trustworthy Computing), but it is not something we can do alone," Gates wrote. "It requires the leadership of many others in our industry and a commitment by customers to establish and maintain a secure and reliable computing environment."
The IDG News Service is a Network World affiliate.
RELATED LINKS
Error 404--Not Found |
From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:10.4.5 404 Not FoundThe server has not found anything matching the Request-URI. No indication is given of whether the condition is temporary or permanent. If the server does not wish to make this information available to the client, the status code 403 (Forbidden) can be used instead. The 410 (Gone) status code SHOULD be used if the server knows, through some internally configurable mechanism, that an old resource is permanently unavailable and has no forwarding address. |
Apply for your free subscription to Network World. Click here. Or get Network World delivered in PDF each week.
Request a reprint or permission to use this article.
