- Monthly patch releases.This initiative is immensely helpful,giving us much more sanity in applying patches.
- Smoother use of Windows Update Web site. Rank-and-file users can understand this site far better than in the past and easily keep their machines up to date.
- Integration of security features into compilers and operating systems. I'm very excited about the new buffer-overflow defenses that Microsoft is releasing. One element that could be quite interesting is the stack protection that will be built into Windows XP Service Pack 2.
- Offering a bounty for virus and worm writers. Although this highly controversial move of paying cash to people who turn in malware authors, I welcome it. If Microsoft wants to spend its money this way, I'm all for it. Let's get the bad guys, or at least make it much more likely that they'll get found and punished.
These elements are very promising. Visit here for more details on them. Still, Microsoft isn't perfect, and there are many vulnerabilities yet to be discovered and fixed. Let's give credit where it's due -- for finally moving in the right direction!
For more info on this topic, visit these SearchSecurity.com resources:
This was first published in February 2004