A decade's worth of Windows mistakes that changed Microsoft (for better and worse)

Summary: As a longtime Microsoft-watcher, I’m as fascinated by the company’s missteps as I am by its successes. Anyone who worked at Microsoft in the first decade of the 21st Century knows the company made many missteps and wrong turns. How the company responded to those mistakes had an indelible impact on products that are on the market today and those that are planned for the future. They say every mistake is a teachable moment. So what has Microsoft learned from its miscues over the past decade?


  • Microsoft's ActiveX technology seemed like a very bright idea in 1996, when the World Wide Web was still shiny and new. ActiveX controls were helper programs that could be called by a local app or a Web browser for a specific function. But the architects who dreamed up ActiveX didn't think of its consequences on PC security. The results over the next 10 years or so were disastrous. Today, if you ask a computer security professional or an IT pro about ActiveX, they'll probably just roll their eyes and groan.

    The subject came up last year when I criticized Adobe's record on security. Several readers pointed out, quite reasonably, that the same Symantec report I referenced in that post said that "ActiveX technologies still constituted the majority of new browser plug-in vulnerabilities [in 2009], with 134." And indeed, for years after XP's introduction Microsoft was continuing to deal with the fallout of ActiveX insecurity.

    Initially, ActiveX provided a convenient way for crooks to sneak malware onto Windows PCs. These were classic social engineering attacks, with malware disguised as a required update to play media files, for example.

    Microsoft dealt with those But then, in June 2009, the mother of all ActiveX vulnerabilities was discovered. This is the infamous MSCOMM32.OCX ATL Loader Remote Code Execution Vulnerability (CVE-2008-0024). The problem was found in a template file that was included with Microsoft Visual Basic. In its security advisory, IBM Internet Security Systems rated its exploitability as "high" and described what made the problem so acute:

    Although this ActiveX control is not installed by default, most PCs have it. Nearly all Visual Basic applications include this DLL during the installation process, and, since it's considered a shared component of these applications, it is typically left on the system even after an uninstall. So, if a Visual Basic program has ever been installed on a computer, it probably has this ActiveX control installed, too, which makes this component highly prevalent, and, therefore, a lucrative target for attackers.

    There's no telling how many ActiveX programs were affected by this vulnerability, but the number is probably in the hundreds. The problem was worst for anyone using Windows XP with Internet Explorer 6.

    Over time, Microsoft has tightened security around ActiveX controls dramatically. IE7 introduced a feature called ActiveX opt-in, which made it impossible for an attacker to use an installed ActiveX control without permission. In Windows Vista and Windows 7, Internet Explorer uses Protected Mode, which sandboxes ActiveX controls so they're unable to do any serious damage. And cumulative updates to Internet Explorer routinely set ActiveX "killbits" for vulnerable controls to block them from running at all.

    In modern Windows versions, you're unlikely to find more than a handful of ActiveX controls. (Adobe's Flash plugin for Internet Explorer is the most common one.) But it's taken years to shake off the security headaches that came with ActiveX, and Internet Explorer's image remains tarnished today.

  • Before there was the iPad, there was the Tablet PC.

    Bill Gates proudly introduced Windows XP Tablet PC Edition (a variant of Windows XP Professional) in 2002, and the operating system got a major update in 2005. Its features were rolled into Windows Vista in 2006, and the entire pen-and-touch input system was refined impressively in Windows 7 in 2009.

    And then the iPad came out and made Tablet PCs look like something from a prehistoric time.

    What went wrong? If you look closely enough, three problems emerge.

    First, the hardware available in the early 2000s simply wasn't good enough to make the tablet experience fun or interesting. Tablets were heavy and hard to hold, and they didn't have enough battery life to get through a working day without being recharged.

    Second, these alternative modes of input were considered features rather than the primary mode of interacting with a Tablet PC. Although a few brave OEMs tried to introduce slate designs, the most common tablet configuration was a convertible PC, which functioned as a conventional notebook most of the time and switched into tablet mode as needed. The result was a system that didn't do either task particularly well.

    Finally, the biggest problem was a lack of developer support. Even tablet enthusiasts had a hard time finding apps that really took advantage of pen and touch input.

    And so the entire Windows Tablet PC category was relegated to niche status, selling a microscopic number of units. Within a few months of its release, Apple had sold more iPads than Microsoft had sold Tablet PCs in the preceding eight years.

    There's no question that Microsoft learned some painful lessons from the Tablet PC failure. There's also no question that its Tablet PC experience has given it a good head start—at least in technology terms—when it comes to Windows 8. For 2012, its challenge is to prove it can deliver a tablet that people will love. That's a tall order.

    Photo: Michael Walsh, The Acer Guy

  • After XP shipped in 2001, Microsoft got right to work on the next release of Windows. It was an ambitious undertaking. Then-Windows boss Jim Allchin had a long list of groundbreaking features that would go into the upgrade, which was code-named Longhorn.

    Paul Thurrott covered the Longhorn project extensively in those early days, putting together a detailed FAQ, multiple screenshot galleries, and extensive coverage of the many times Microsoft excitedly showed off new Longhorn features to developers and partners.

    For Longhorn, the high point was the 2003 Professional Developers Conference (PDC), where Microsoft showed off everything it had done so far and whipped developers into a frenzy over what they could do with Avalon and Indigo and WinFS (Future Storage) and Next Generation Secure Computing Base, aka Palladium.

    And then the wheels fell off.

    In January 2004, Allchin sent an e-mail to Gates and Ballmer admitting failure:

    I must tell you everything in my soul tells me that we should do what I called plan (b) yesterday. We need a simple fast storage system. LH (Longhorn) is a pig and I don't see any solution to this problem.

    It took a few months, but by August the die had been cast, and the infamous "Longhorn reset" happened. A 2005 Wall Street Journal article has the ugly details:

    Microsoft would have to throw out years of computer code in Longhorn and start out with a fresh base. It would set up computers to automatically reject bug-laden code. The new Longhorn would have to be simple. It would leave bells and whistles for later -- including Mr. Gates's WinFS ...


    On Aug. 27, 2004, Microsoft said it would ship Longhorn in the second half of 2006 -- at least a year late -- and that Mr. Gates's WinFS advance wouldn't be part of the system. The day before in Microsoft's auditorium, Mr. Allchin had announced to hundreds of Windows engineers that they would "reset" Longhorn using a clean base of code that had been developed for a version of Windows on corporate server computers.

    Nearly three years of work went down the drain, and a demoralized development team had to kick into high gear to turn out Windows Vista two years later. It's no wonder that Vista, despite its excellent foundational work, was a mess when it shipped.

    Screenshot credit: Paul Thurrott

  • RE: A decade's worth of Windows mistakes that changed Microsoft (for better and worse)

    I still find myself annoyed at that damn search dog. Words cannot describe how much hatred I have for that dog.
    The one and only, Cylon Centurion
    • All IT people hated it...

      @Cylon Centurion ...but you wouldn't believe how many end users still ask me if there is any way I can put it back. Seriously....
      • RE: A decade's worth of Windows mistakes that changed Microsoft (for better and worse)


        A lot of users with kids tell me they found it "cute", but I for one, am glad he is gone.
        The one and only, Cylon Centurion
    • RE: A decade's worth of Windows mistakes that changed Microsoft (for better and worse)

      @Cylon Centurion Got to be better than Clippie though surely?
      • RE: A decade's worth of Windows mistakes that changed Microsoft (for better and worse)


        I'll take Clippy any day. :D
        The one and only, Cylon Centurion
    • RE: A decade's worth of Windows mistakes that changed Microsoft (for better and worse)

      @Cylon Centurion
      And to make it worse Win7 search still defaults to the dog....

      My biggest beef that keeps me from moving away from WinXP is the total lack of backwards compatibility on ALL post XP MS products. With Win7 I cannot use most of the programs I've purchased, written, or have become very proficient at without using a program like VMware. Even the Win7 XP emulator restricts to 32bit.

      MS has taken the arrogant lazy position of FORCING us to upgrade our older programs (if there is a 32/64bit product to be purchased/re-learned) or SCREW US! This is not some new MS arrogance issue --- MS has always required upgrading hardware/software each time a new OS comes out or you get bogged down with the slows or will not work syndrome. So MS I've now taken the position of SCREW YOU --- unless future MS OS's are fully backwards compatible (or free patches) to 8/16/32bit programs. [And NO Cloud crap - big brother knows enough and many places I go have no internet, I'll stick with my HD, thank you!]

      I design/build/program EE Test Stations - we do not connect to the internet due to the obvious security/mal-virus-etc issues, hence we are sticking with WinXP. If MS does not overcome their jam-it down our throat methods I'll switch to Linux!
      N6JSX, MS-EET
      • Your credibility is destroyed immediately


        This is ridiculously untrue:

        "Win7 search still defaults to the dog."

        You're either clueless or trolling. I honestly don't care which, but it would be nice if you would cop to it.
        Ed Bott
      • RE: A decade's worth of Windows mistakes that changed Microsoft (for better and worse)

        @Kuby I don't know what you are talking about. I've never had a problem running programs that I had on XP on Windows 7. Are you still running DOS programs? Seriously, it might be time to upgrade that software.

        I run Linux on a few of my machines, and I'm not sure why you believe the experience for backward compatibility will be any better there. Every time there is a kernel update, seems like I have to go get updated versions of my software, so again, what are you talking about?

        I'm afraid, you misrepresent the Linux community with this type of babble, and frankly, we don't want you here.
      • It was probably crap to begin with

        @Kuby Honestly, I've got applications that were written in 1996 which were originally written for Windows 95 that still work fine today. The only issue I have ever had was some extra gyrations to set up 32 bit data sources for them when using 64 bit Vista or Windows 7. And those work arounds were pretty easy once we figured out what the issue was.
      • RE: A decade's worth of Windows mistakes that changed Microsoft (for better and worse)


        I *really* wish that zdnet would put a "Like" button in the comments as I would surely click it for your comment above.
      • RE: A decade's worth of Windows mistakes that changed Microsoft (for better and worse)

        @Kuby, actually not all builds include a virtual machine that allows backward compatibility. For backward compatibility with XP (unless you are a high level expert) you will need a second virtual machine loaded. I returned a new laptop purchase for this exact reason.
      • RE: A decade's worth of Windows mistakes that changed Microsoft (for better and worse)


        I fail to see your argument. In no way, shape, or form does the search dog appear in Windows Vista or Windows 7.

        Also, ALL operating systems require the purchasing of new hardware. Try running Linux on that old 8-bit processor you're running and see what happens. :)

        Progression, my friend. If you're coding your own apps, then you should have upgraded the coding. It's not Microsoft's fault your software is falling out of date, purchased or otherwise.
        The one and only, Cylon Centurion
      • RE: A decade's worth of Windows mistakes that changed Microsoft (for better and worse)


        Wow, buy an Apple and tell me how you feel. All my hardware works on XP->Win7. Don't mistake a manufacturer's unwillingness to write device drivers with windows not working on your hardware.

        Mr Jobs made sure old hardware got shut off, forever... When a new version of his apps came out, the previous ones stopped getting fixed; period! You have XP working for 10 years, without paying for any fixes or upgrades. Ask a MacOS user about that.

        Some people need to look out of their caves now and then.
      • RE: A decade's worth of Windows mistakes that changed Microsoft (for better and worse)

        @Kuby Mr. Kuby, I was the same as you for about a day. I used to have (for example) this photo enhancing/manipulation program--Picture it 2001. I thought I could not make it without this program. Then I found PhotoScape, makes PI 2001 look like a kindergartner vs a PHD. Much better and about 1/4 the real estate. And the best thing, it's free, as in water and beer! There are several others too numerous to mention, including Open source and people just programming for the heck of it. You will be surprised what you can find if you "Bing" free software. You can spend months in an orgasmic frenzy! Try it--you will like it! I guarantee but will not stake my life on it!!
      • RE: A decade's worth of Windows mistakes that changed Microsoft (for better and worse)

        @Kuby :

        Very badly written XP programs have problems running on Win 7. But even badly-written ones can run if you create 'shims' that correct incompatible behaviours using MS-provided tools.
      • RE: ...FORCING us to upgrade our older programs...


        Now you know why, after reviewing our computing needs; our 1000+ employee company kicked Microsoft to the curb and switched to Linux.
      • RE: A decade's worth of Windows mistakes that changed Microsoft (for better and worse)

        @gomigomijunk - what Linux programs do you have to upgrade with each kernel update? I can't think of any that are required because of a kernel update. Device drivers are different, and modules that plug directly into the kernel as a kernel extension may require updates as they are usually specific to a particular version of the kernel.
      • Not fair comment.


        You say:
        " MS has always required upgrading hardware/software each time a new OS comes out or you get bogged down with the slows or will not work syndrome"

        That's a horribly misleading statement. It makes it sound as if Microsoft creates an operating system then the hardware manufacturers have to cobble up better hardware they wouldn't have bothered with if Microsoft hadn't created a more complex operating system.

        Not an accurate depiction at all. First off, facts are facts. We know how fast hardware improves and it's a fact various bits of hardware, be it memory, hard drives, CPUs or video cards have a much much faster turn around time than any MS operating system. Look at XP. By the time Vista came out hardware had been upgrading for many years.

        Then let us not forget that practically every major bit of software will often take more resources to run in their most current versions as opposed to versions that are 3,4,5 years or more old.

        You have the situation entirely backward. Software manufacturers look to the state of hardware as some indication of how much load their program can reasonably put on a modern system when they are developing the program. Sure, Office 2010 for example isn't going to run as hot on 5-10 year old hardware, but then again, why would anyone develop a major program restricted by wanting to make it run on hardware that's years old? Operating systems in particular last for years and there has never been a case where 2-3 years after a Windows release that even what's considered low end modern hardware is significantly more than what's needed to run the OS.

        How would one justify that? It quite frankly makes no sense.

        Try thinking about that. Design an entire operating system with all the related costs, cut it wherever you have to to make sure it will never have a problem running on what would be hardware that's middle of the road 5 years ago. It would be considered to be junk hardware by most, but do it anyway. And the end result may be more streamlined, but in many respects it's actually going to be considered to be more stripped down.

        If that was the case Windows would be a lot more like Linux has been and at that point why would one want Windows when Linux cost zero. Sure, Linux users have no issue with that but Linux enthusiasts are not of a breed that generally appreciates any of the differences Windows brings, much unlike the 90% of the world that uses Windows.

        Where is the mileage in creating an OS like that? People get used to, and love massive backward and forward compatibility with all the popular hardware and software that Windows brings along with the many user friendly aspects to the OS and the more features added, well, it makes for a more complex OS.

        It's pretty hard to justify paring down a newly designed OS because it will be sluggish or even stall on 5 year old hardware. Maybe.

        And further, it's not at all unusual that someone who gets some good hardware can still get great performance out of their computer even if they install a newly released OS 4-5 years after they bought the hardware, perhaps less so agreed, as the quality of that hardware goes down.

        And I really don't know what your software complaint is about. I now run Windows 7 and everything that I have that would run under XPSP2 still runs fine on Win7. Agreed, there are likely programs out there that will not, but if you think one huge company is going to stymie their product development due to rare issues like that you have got to be kidding.

        If you want to go with Linux, certainly be my guest. I've used Linux before and I think it's alright. Impressive in many ways for an OS. But for the long term, it's not for me, it's no Windows that's for sure, and if that's a good thing for you then boy, you SHOULD go to Linux. Give it a go, it's free, there are plenty of choices and it works well.

        The one place I can agree with you is the no cloud crap. I don't even get why some people entertain the idea. Sure, like anything there are people in this world of 7 billion that the cloud may be the better way. But for many people, they could store all the stuff they would use in the better part of a lifetime on a $100 HD. And it will be even cheaper for those buying hardware next year, and even more so as time goes by. At least then, so long as your computer can start, you always have access to your stuff. And of course, if the comp don't start, the cloud won't help with that anyway.
      • RE: A decade's worth of Windows mistakes that changed Microsoft (for better and worse)

        @Kuby AFAIK the dog doesn't exist in Windows 7. The search is either in the start menu or next to the address bar in an Explorer window. And I've never seen an option to bring the dog back either.

        To be honest, I've had no major issues with compatibility, and the minor issues I've had were easy to fix.

        If you're really having so many compatibility issues, may I suggest double checking your Data Execution Prevention settings? Older software often wasn't aware of DEP.

        Being somebody who takes security seriously enough to stay off the 'net, I wouldn't be surprised if you switched DEP to the stricter setting at one time and forgot about it.

        "And NO Cloud crap - big brother knows enough"

        Indeed. Try looking up your ham radio call sign in a search engine. You'd be surprised how much info is public.

        Former ham, Computer Science graduate, A+ Certified.
      • RE: A decade's worth of Windows mistakes that changed Microsoft (for better and worse)


        .......Can I get some of what you're smoking ???

        You have to be nuts to think that MS is forcing you to update your s/w every time there's a new Windows release......

        ......It's plainly evident you don't know what you're talking about.

        ......sort of like the one person in a particular newsgroup that STILL uses Windows98 because XP runs "too many services"

        ......or another newsgroup loser that is a full on Lintard, beyond belief, and has never personally used XP, Vista, *or* Windows7, yet claims to know all about all Windows OSs because he 'reads' about it.