Ballmer touts security upgrade

To improve the security of Microsoft Corp. products and users, company officials made several changes in their next operating system, including default activation of the firewall, according to Steve Ballmer, Microsoft's chief executive officer.

Information security is now part of everything the technology world does, and companies, government and individual users must approach it that way, Ballmer said at a luncheon in Washington, D.C., cosponsored by the Business Software Alliance trade group and the Center for Strategic International Studies think tank.

"All of us in the [information technology] business are, whether intended or not, permanently in the security business as well," he said.

For Microsoft, the security business has meant investing significant money and resources in education. The company has partnered with government and other IT vendors, Ballmer said. But it has also led the company to a research and development strategy with four key areas: isolation and resiliency of systems, easier and better software updates, improved quality of software code, and strengthened authentication and access control.

Many companies are working to improve software, patch updates and software development. Last week, a task force, working with the Homeland Security Department, released its recommendations on software development.

Microsoft officials, however, also have specific plans for their own operating systems and software, which are used on the majority of computers worldwide.

Isolation simply means helping users to "draw a stronger line of defense around each computer and each network," Ballmer said.

Within the next few months, Microsoft will release a new service pack for its Windows XP and 2000 operating systems with several significant updates, including activating the integrated firewall as a default setting. Users originally didn't want that setting, but the environment has changed, Ballmer said. Microsoft has no plans to include an integrated antivirus solution, too, but more users are asking for that, so executives aren't ruling anything out, he said.

Microsoft has previously said that the service pack will:

Set the Internet Explorer browser to block automatic pop-ups and downloads.

Improve how the browser's e-mail and instant messenger handle attachments that can carry viruses and worms.

Enhance the operating systems update notification with a Windows Security Center that takes security preferences for several major tools and applications and groups them in one area.

Include new technology to make it harder for attackers to exploit the buffer overflow vulnerability.

Later this year, Microsoft will release a similar service pack for its Windows Server operating system.


  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.