October 9, 2003 8:28 AM PDT
Microsoft expects security effort to take time
- Related Stories
Microsoft security suit raises thorny questionsOctober 3, 2003
Microsoft moves beyond patchesOctober 1, 2003
Ballmer: 'Thieves, con artists' attacking MicrosoftSeptember 15, 2003
MSBlast echoes across the NetAugust 15, 2003
"I don't think it is a big-bang thing," Microsoft Senior Vice President Bob Muglia said in an interview Wednesday. "I think it's an evolutionary, multistep thing."
Microsoft announces new efforts to combat software insecurity, including safety updates to Windows and improvements to patch management.
The software giant is taking steps to improve upon earlier, inadequate approaches to security, but acknowledges that its "securing the perimeters" strategy will not change things overnight.
For more info:
Track the players
However, Microsoft executives have said in recent weeks that the patch approach alone is not working, with many customers choosing not to install the latest updates to Windows, or at least not quickly enough to thwart hackers.
On Thursday, Microsoft CEO Steve Ballmer unveiled new programs and technology investments to be delivered over the coming months, including safety updates to Windows XP and Windows Server 2003, improvements to patch management processes and technologies, and worldwide education programs.
"Our goal is simple: Get our customers secure and keep them secure," Ballmer said in a statement. "Our commitment is to protect our customers from the growing wave of criminal attacks."
Ballmer first referred to a greater reliance on shield technology during a Sept. 15 speech before a crowd of Silicon Valley executives.
The software giant has come under increasing pressure to step up its security efforts, particularly in the wake of the MS-Blast worm, also known as Blaster. In addition to concern among customers large and small, Microsoft faces a proposed class-action lawsuit in California over its security flaws.
However, Muglia said Microsoft has realized that it needs to take action on more levels to try to thwart hackers.
by the worm
Steve Ballmer, CEO, Microsoft
"You need to have a fence outside your house, sort of like a gated community," he said. "Then you need to have your doors locked and maybe you need your alarm turned on as well."
Muglia stressed that security is Microsoft's top priority right now. "We are also looking at ways we can detect some, whether there is some aberrant behavior that is happening on the network, and find intruders," Muglia said.
At the same time, Muglia said a lot of customers stopped the Blaster attack by using tools that are already available, such as the Internet Connection Firewall that is built into Windows.
"We're looking at ways that we can get customers to...turn ICF on and to make sure ICF is as effective as it can be and tools like it," Muglia said. "The fact is that for most of these customers, there are a lot of steps they can take right now to make themselves less vulnerable."