Microsoft picks up hackers' gauntlet

New security strategy aims to 'blunt impact of cybercriminals'

Microsoft's chief software architect Bill Gates has vowed to continue to fight the security threats that still plague the industry.

In a letter to partners and customers outlining the software giant's security strategy for the coming year, Gates announced several initiatives such as security changes in Windows XP Service Pack 2, caller ID-style technologies for email, and behavioural monitoring of software.

Gates added that the vendor is hoping to reach 500,000 new customers in the coming year and has partnered with other vendors, such as Network Associates, Computer Associates, Symantec and F-Secure, to develop further joint security solutions.

"Security is as big a challenge as any our industry has ever tackled. It is not a case of simply fixing a few vulnerabilities and moving on," he said.

"Given human nature, evolving threat models and the increasing interconnectedness of computers, the number of security exploits will never reach zero.

"But we can dramatically blunt the impact of cybercriminals and are dedicating a major portion of our research and development investments to security advances."

However, some partners feel Microsoft still faces a credibility issue.

Michelle Drolet, chief executive of security VAR Conquest, said: "We tell customers thinking about implementing (Microsoft) patch management that it's almost like putting a fox in charge of the henhouse. It is often safer to use third-party assessment."

Alyn Hockey, director of research at email security vendor Clearswift, said: "We already work with Microsoft in some areas and I can see us doing more with it in the future, particularly on the Exchange Server side."

Hockey added that Microsoft has experienced "a run of bad luck with its security", especially because Windows is the biggest platform and a primary target for hackers and virus writers.

"But if Microsoft continues to develop its security offering, partners and customers will see it as more credible and a major player in the security market," he said.

[email protected]