Microsoft unveils security initiatives

Microsoft CEO Steve Ballmer announced a gaggle of security initiatives Thursday that he said would shore up the security of its customers' systems against what he said in a statement was a "wave of criminal attacks."

New security features on Windows XP and Windows Server 2003, a simplified software patch distribution process and new security education programs were all part of Microsoft's latest effort to stem the tide of worms and viruses that target computers running its popular operating systems and software, according to Microsoft and industry experts familiar with the plans.

Ballmer made the announcement at Microsoft's Worldwide Partner Conference in New Orleans and said that the new technology and programs would be available "over the coming months," according to a statement released by Microsoft.

Perhaps the most technologically significant changes will come from what Microsoft called new "safety technologies" that will be rolled into upcoming service packs for Windows XP and Windows Server 2003. Those technologies will allow customers to better protect their computers from attack, even in the absence of required software patches, the company said. Better defenses for buffer overruns and heap overruns will be part of the enhancements, according to Amy Carroll, director of product management in Microsoft's Security Business Unit.

Buffer overruns are flaws in software code that are often used by malicious hackers to place attack code on victims' computers.

Microsoft will introduce protections such as improved compiler checks to stop buffer and heap overruns and software changes that mitigate the effects of such events when they do occur, Carroll said.

Protections against attacks on communications ports, such as the recent W32.Blaster worm, as well as malicious code in e-mail messages and Web pages will also be included, she said.

Microsoft could not yet comment on what those changes will be or whether they would affect the Windows operating system or Exchange and Outlook products, Carroll said.

Software updates for Windows XP and Windows Server 2003 scheduled for 2004 will include a more robust version of the current Internet Connection Firewall that ships with Windows XP.

Future changes will put the firewall on by default, make it more compatible with other products and allow organizations to centrally manage the desktop firewalls on its Windows machines, Carroll said.

Microsoft may also be integrating behavior-based blocking technology that it acquired with Pelican Security Inc., with its default firewall, according to John Pescatore of Gartner. By rolling the Pelican technology in with its firewall, Microsoft would be able to protect even unpatched desktops from new attacks such as the recent Slammer and Blaster worms -- a stated goal for the company, Pescatore said.

Carroll did not rule out the use of Pelican's behavior based detection technology, but said it's too early to comment.

The company was also mum on the issue of anti-virus technology. Despite the recent purchase of an anti-virus engine and development talent from GeCAD Software of Bucharest, Romania, it was "too soon to tell" how that company's anti-virus technology might be used to protect Windows customers, Carroll said.

The IDG News Service is a Network World affiliate.