In the event of a bug or security breach, the company, as part of Microsoft's Trustworthy Computing security initiative, knows which staff member reviewed the code and can take appropriate action.
For Brian Valentine, senior vice-president of Microsoft's Windows division, this is a major step forward as the company tries to improve the quality of its products.
Valentine said that in the first stage of the initiative, every Windows employee - some 8,000 people in all - attended mandatory training.
"It's a full-day, pretty intensive session," said Valentine. "There's a section on simple coding mistakes and how not to make them. Then there's a whole [section on] complex coding mistakes, which really goes back to design issues.
"Another one is how to change the engineering process to actually design for security upfront and then manage security as you develop your products," Valentine added.
Valentine said the training highlighted what testers and quality control staff should consider during automated testing.
He admitted that one day of training was not enough. "It gets you started," he said. Microsoft is now embarking on a second round of mandatory refresher courses, which will be followed by a mandatory day of training every year.
With the training programme and product reviews Microsoft has initiated so far, Valentine was confident he could now avoid embarrassing blunders, such as the discovery of a major vulnerability in Windows XP soon after launch.
"I now have a trained force of developers and engineers," said Valentine. "I also have the capability as a manager of a complex project like Windows [to know] that every single line of code has an identified owner, that it was their responsibility during a security push to review that code."