Code Red, Nimda and Blaster. These high-profile worms, which exploited flaws in Microsoft Windows and other applications, made Microsoft the butt of security jokes and forced the company to reexamine its approach to developing secure software.
"Throughout Microsoft, we thought Windows 2000 was a very solid, reliable operating system, perfect for deployment in the enterprise," said Ian Hellen, a security program manager at Microsoft"s Windows Security Engineering Team. "Those tiny pieces of code were real wake-up calls, saying Windows 2000 isn"t there yet. It"s just not designed to cope with these kinds of threats."
That was then. With the commercial release of Vista just months away, Microsoft"s efforts to improve security are now showing results, though much remains to be done by the company, said security experts attending the Hack In The Box Security Conference (HITB) here this week.