News

Ballmer: Microsoft 'Humbled' by Recent Security Problems

• By Scott Bekker
• September 16, 2003

Ballmer made the remarks during a speech to the Churchill Club, a Silicon Valley business and technology forum. His talk focused primarily on the unlimited potential for technology innovation, a recurring theme with Microsoft executives since a controversial article in the Harvard Business Review suggested that technology no longer offers businesses competitive advantage.

"We are in many ways humbled by the developments of the last few weeks. Windows is the most popular platform in the world, so every security incident with it is just magnified and magnified and magnified across so many more systems than with any other platform," Ballmer said.

The speech was one of many recent signals out of Redmond that the major digital attacks of August are prompting a serious re-evaluation of the direction of Microsoft's Trustworthy Computing initiative.

"Many of our customers are feeling the pain. They are frustrated by vulnerabilities. They are frustrated by patches. They are concerned about the threat that hackers pose to their systems. And businesses are taking a hit at the bottom line level," Ballmer said. "We recognize the concerns of our customer base -- boy, do we -- and we are further redoubling our efforts to ensure we have a comprehensive approach for better security for all of our customers."

Some approaches, Ballmer said, included more law enforcement, better collaboration between IT vendors and improved security bug patch processes at Microsoft. But Ballmer contended that technological innovations remain among the best methods for fighting security problems. Comparing innovations in safety made by the automobile industry and innovations in anti-robbery protections by banks, Ballmer said Microsoft is continuing to invest in and develop new technologies for stopping attacks.

Those methods include post-processing of source code to find vulnerabilities. "So you actually go back and you have tools that look through the source code and help identify potential vulnerabilities." Ballmer noted that Microsoft is considering sharing the tools with independent software vendors and corporate developers.

Microsoft is also working on better tools to deploy software patches, Ballmer said. Scott Charney, Microsoft's chief security strategist, has said that Microsoft is in the process of consolidating its eight patch installation technologies into two.

Ballmer also referred to something called shield technology. "I think perhaps the most important technical area that we're focused on, is the area of what we are calling shield technology. We know that the bad guys are going to keep writing viruses; we know that. Our goal has to be to block them before they can ever get onto those PCs. And regardless of the cost and level of investment required by us, by Microsoft, we are absolutely committed to try to accomplish this notion of shielding."

The full text of Ballmer's speech is available on Microsoft's Web site.