Microsoft Corp. will launch a new tool this year called Microsoft Update designed to automate a company’s process of publishing and distributing Microsoft security patches, Steve Ballmer, the company’s chief executive officer, said Thursday.
The product will be modeled after the company’s Windows Update tool that automates the updating of features for Windows operating systems, Ballmer told attendees at the Microsoft Latin America Enterprise Solutions Conference 2002 in Boca Raton, Fla.
Microsoft Update will help prevent the exploitation of known security gaps in Microsoft products for which there are patches that may not be widely installed in companies, he said.
The development of this tool is one of several Microsoft initiatives to improve the security of its products.
“We know we must do better for you on the security front,” he said, adding that security now has “the highest level of priority” at Microsoft.
Security problems have plagued Microsoft products, making users concerned about the reliability of the software giant’s wares and drawing widespread criticism from industry observers. In January, Microsoft Chairman and Chief Software Architect Bill Gates launched an initiative to bolster the security of the company’s products, which he called “trustworthy computing.”
Microsoft’s research unit has also created tools that Microsoft is using internally to review the software code in its applications and operating systems to detect vulnerabilities, Ballmer said. The team in charge of developing Windows operating systems recently devoted two months to doing nothing other than checking Windows code for security gaps, Ballmer said.
The effects of the Nimda and Code Red worms last year “really shook us and made us understand we need to do more” in terms of security, he said.
Security problems affecting the IT industry aren’t limited to Microsoft but the popularity of the company’s products makes Microsoft a very high-profile target for writers of malicious code, Ballmer said. Consequently, Microsoft must make a bigger effort in this area, he added.
“We said we must commit ourselves as a company to the highest level of what we call trustworthy computing,” Ballmer said.