Microsoft is spending a third of its £3.2bn research and
development budget on IT security.
Speaking at the RSA conference, Microsoft chairman Bill Gates
said security concerns were harming the potential of the internet
to provide new services to the public.
He said Microsoft was investing to tackle security issues,
including revamping its Internet Explorer web browser, updating
Windows 2003 with features to quarantine rogue PCs on corporate
networks, and a raft of efforts to curb spyware and phishing.
The next version of Explorer, due for beta release in the
summer, will be the same version Microsoft plans to use in Windows
Longhorn, due in 2006. Features in the browser are designed to
reduce the likelihood of users logging on to spoof websites.
Other security improvements include the forthcoming Service Pack
1 release of Windows 2003, which is available as a beta from the
Microsoft website.
One of the key features of SP1 concerns securing the network
against users who log in via a virtual private network connection,
Gates said. Windows 2003 SP1 can check the user’s machine and
provide limited network access until the checks have been
completed.
The company has invested heavily in developing automated
checking tools for software, which can detect potential
vulnerabilities as applications are being developed.
Microsoft is planning to incorporate these tools into the Visual
Studio development suite and other packages to allow Windows
application developers to create more secure code.
Microsoft has improved the way it issues patches, said Gates,
simplifying the process for end-users. This includes prioritising
vulnerabilities so the firm only issues patches for the most
serious vulnerabilities.
Along with Explorer, Microsoft has developed software to detect
and delete spyware on corporate systems following concerns that the
ubiquitous nature of spyware could damage productivity and slow
down corporate networks.
At the heart of the project is a network created by Microsoft,
dubbed Spynet, to collate and analyse reports of spyware.