Microsoft’s come-to-God moment with regard to security came in January 2002 with the famous Bill Gates memo. The company promised to make security a priority across its product lines and launched its Trustworthy Computing initiative. The effort has paid off and Microsoft is a role model for others in the industry in building secure code. But the fruits of the labor took time to filter out to all of the company’s products. Less than two months after launching its Windows Server 2003 operating system, the company had to release a security patch to fix a vulnerability that could let malicious sites run damaging code on the server. The flaw affected Internet Explorer 6, which shipped with Windows Server 2003 as well as with other Microsoft OSes. Despite the embarrassment from releasing a security patch so soon after a release, security experts said the default configuration of Windows Server 2003 was more secure than in previous versions of Windows.