Windows 2000 has passed all required tests for a security certification accepted in 15 countries, Microsoft announced Tuesday.
While software vulnerabilities may still occasionally bug the operating system, the Common Criteria certification attests that the key software components of Windows 2000 meet a specific level of security. The effort to obtain the certification, which took almost three years and cost millions of dollars, shows that Microsoft is serious about security, said Craig Mundie, vice president and chief technical officer for the Redmond, Wash.-based software giant.
"For people that have questions about our level of investment and our level of effort, this is testament to...our commitment to security," he said.
The certification, which is maintained by an association of international standards bodies, could make Windows 2000 an easier sell to government agencies within the 15 countries that recognize the award--the United States, Canada and the United Kingdom among them.
Based on a set of Department of Defense specifications for trusted systems known as the Orange Book, the Common Criteria doesn"t guarantee that an operating system or software application is bug-free, but that the development and support processes that created and maintain the product meet a certain level of standards.