3 of 15Image
2001: Windows XP ships
The revolutionary part of Windows XP was that it unified the business and consumer versions of Windows in a single product. The Windows NT kernel replaced the old DOS-plus-Windows hybrid that had been used in Windows 95, Windows 98, and the ill-fated Windows Millennium Edition. Business users who had adopted the NT-based Windows 2000 a year earlier saw the garish new XP interface, which was widely panned for its "Fisher-Price" appearance. In its first year on the market, XP was far from successful, with less than 10 percent of the installed base upgrading in that first year.
XP's launch event took place in a somber New York City, the month after the 9/11 attacks.
2002: The era of Trustworthy Computing begins
Windows XP had been on the market for only a few months when Bill Gates distributed his now-famous Trustworthy Computing memo. The rise of the Internet had painted a giant target on Windows, and criminals had been successful in exploiting the server version of Windows in 2001 with two devastatingly damaging worms, Code Red and Nimda. As Microsoft's Michael Howard noted a decade later, "His memos are rare, and this one signaled the start of something big within the company."
Gates's memo basically halted all new development and sent every developer at Microsoft back to square one for security training. Windows security headaches continued for the next few years; building security into the core of Windows profoundly affected the development process for the next five years.
2003: The dawn of Patch Tuesday
The security problems that had plagued Windows XP at its launch continued in summer of 2003 with a widespread malicious software attack called MSBlast/32 (aka Blaster). It spread over networks using the RPC protocol and caused affected computers to go into a spontaneous reboot loop. In October of that year, Microsoft made the controversial decision to release updates on a regular schedule. The second Tuesday of each month became known as Patch Tuesday. Instead of scrambling to install updates as soon as they arrived, enterprise customers could plan updates for a regular window each month.
For more details, see Larry Seltzer's "The triumph of Patch Tuesday" and my "Ten years of Windows malware and Microsoft's security response."