"There's no reason to believe [Linux] will be higher quality. I'm not going to say it will be worse," he said.
Ballmer pointed as an example to the improvements Microsoft has made between Windows 2000 and Windows 2003. In the first 150 days after Windows 2000 was released, he said, Cern found 17 critical vulnerabilities. In the first 150 days after Microsoft launched Windows 2003, there were four critical vulnerabilities.
"In the first 150 days of Red Hat's 6.0, it was five to 10 times that [number of vulnerabilities]," Ballmer said.
Still, Ballmer conceded that for most of Microsoft's customers, four critical vulnerabilities are too many.
"We've made dramatic strides. It's still not good enough," he said. "I know we need to do better. We're in the position where the hacker only needs to find one hole, but we have to protect [against] them all."
Gartner analyst Tom Bittman asked Ballmer if the industry would still have the same security problems with Microsoft software a year from now.
"I hope not. I think not. We have that as priority number one," Ballmer answered. "We're not going to let anything stand in the way."
Tom Sullivan writes for InfoWorld