Microsoft's reputation: 'Tarnished but not irreparable...'

Timing of security overhaul was impeccable...
Written by Will Sturgeon, Contributor

Timing of security overhaul was impeccable...

Microsoft's decision to overhaul its security strategies may well have been the most important in its recent history, according to one security expert. In the last couple of years the security of its products has become the highest priority within Microsoft, as it tries to break the perception that it is a company which rushes products to market at the expense of security. Last year Bill Gates demanded his staff turn their attentions to developing more secure software, and eliminating the bugs and flaws which had regularly undermined Microsoft's reputation. Developers were sent to security 'boot camps' and the most recent fruits of this policy saw Windows Server 2003 released late as a result of the strenuous testing it had undergone as part of Microsoft's Trustworthy Computing initiative. 'Better late than insecure' couldn't have been further from the Microsoft of the mid-nineties. And now one security expert has come out to say the timing of Gates' decision to stress the importance of watertight code was impeccable - suggesting the company was close to damaging its reputation forever if it hadn't acted when it did. Vincent Gullotto, vice president of Network Associates' anti-virus emergency response team (AVERT), said: "I think Microsoft's reputation is tarnished, but it's not irreparable. They can recover going forward." He added: "Four years ago Microsoft realised they had issues. I don't think they even had a dedicated security team back then - now they've got two. If a security researcher had turned up at Redmond nobody would have spoken to them - but they're speaking to them now." Gullotto also believes Microsoft is, in part, a victim of its own success. He said: "Even if Microsoft does lose market share then I think we'll see that whoever picks it up will become a major target too. Microsoft's position meant it was up there to be attacked. "Let's face it, if you're going to write a virus you're not going to be targeting [Linux vendor] Red Hat."
Editorial standards