It is easy to forget that Vista and Windows Server 2008 were once lumped together under the single moniker of Longhorn. Microsoft envisioned Longhorn as part of 2002's Trustworthy Computing initiative. This initiative was Microsoft's answer to the spate of business-halting viruses that exploited myriad Windows vulnerabilities throughout the early part of this decade. Trustworthy Computing meant that Microsoft would re-architect its development process to focus on creating secure code and, ultimately, a more secure OS.
Industry pundits and administrators hailed the Trustworthy Computing initiative as a promising step forward. Microsoft was acknowledging the flaws inherent in its OS design and taking steps to develop more secure software.
That was six years ago. In the meantime, administrators are still applying patches, constructing workarounds, reconfiguring exploitable default settings. Does that mean that administrators should be concerned with this latest delay? Probably not. Microsoft has yet to improve the lot of administrators toiling away trying to lock down a feature-rich but insecure OS. But the real question is whether the idea that technology will solve security problems is a pipe dream. As has always been the case, administrators cannot depend on Microsoft to solve security problems. In a perfect world, it would be Microsoft's responsibility -- but the world is far from perfect.
About the author: Benjamin Vigil is a former SearchWindowsSecurity.com editor.
This was first published in August 2007