Ballmer touts security upgrade

To improve the security of Microsoft Corp. products and users, company officials made several changes in their next operating system, including default activation of the firewall, according to Steve Ballmer, Microsoft's chief executive officer.

Information security is now part of everything the technology world does, and companies, government and individual users must approach it that way, Ballmer said at a luncheon in Washington, D.C., cosponsored by the Business Software Alliance trade group and the Center for Strategic International Studies think tank.

"All of us in the [information technology] business are, whether intended or not, permanently in the security business as well," he said.

For Microsoft, the security business has meant investing significant money and resources in education. The company has partnered with government and other IT vendors, Ballmer said. But it has also led the company to a research and development strategy with four key areas: isolation and resiliency of systems, easier and better software updates, improved quality of software code, and strengthened authentication and access control.

Many companies are working to improve software, patch updates and software development. Last week, a task force, working with the Homeland Security Department, released its recommendations on software development.

Microsoft officials, however, also have specific plans for their own operating systems and software, which are used on the majority of computers worldwide.

Isolation simply means helping users to "draw a stronger line of defense around each computer and each network," Ballmer said.

Within the next few months, Microsoft will release a new service pack for its Windows XP and 2000 operating systems with several significant updates, including activating the integrated firewall as a default setting. Users originally didn't want that setting, but the environment has changed, Ballmer said. Microsoft has no plans to include an integrated antivirus solution, too, but more users are asking for that, so executives aren't ruling anything out, he said.

Microsoft has previously said that the service pack will:

Set the Internet Explorer browser to block automatic pop-ups and downloads.

Improve how the browser's e-mail and instant messenger handle attachments that can carry viruses and worms.

Enhance the operating systems update notification with a Windows Security Center that takes security preferences for several major tools and applications and groups them in one area.

Include new technology to make it harder for attackers to exploit the buffer overflow vulnerability.

Later this year, Microsoft will release a similar service pack for its Windows Server operating system.


  • People
    Federal CIO Suzette Kent

    Federal CIO Kent to exit in July

    During her tenure, Suzette Kent pushed on policies including Trusted Internet Connection, identity management and the creation of the Chief Data Officers Council

  • Defense
    Essye Miller, Director at Defense Information Management, speaks during the Breaking the Gender Barrier panel at the Air Space, Cyber Conference in National Harbor, Md., Sept. 19, 2017. (U.S. Air Force photo/Staff Sgt. Chad Trujillo)

    Essye Miller: The exit interview

    Essye Miller, DOD's outgoing principal deputy CIO, talks about COVID, the state of the tech workforce and the hard conversations DOD has to have to prepare personnel for the future.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.