Microsoft plans better security for Explorer

Microsoft is spending a third of its £3.2bn research and development budget on IT security.

Microsoft is spending a third of its £3.2bn research and development budget on IT security.

Speaking at the RSA conference, Microsoft chairman Bill Gates said security concerns were harming the potential of the internet to provide new services to the public.

He said Microsoft was investing to tackle security issues, including revamping its Internet Explorer web browser, updating Windows 2003 with features to quarantine rogue PCs on corporate networks, and a raft of efforts to curb spyware and phishing.

The next version of Explorer, due for beta release in the summer, will be the same version Microsoft plans to use in Windows Longhorn, due in 2006. Features in the browser are designed to reduce the likelihood of users logging on to spoof websites.

Other security improvements include the forthcoming Service Pack 1 release of Windows 2003, which is available as a beta from the Microsoft website.

One of the key features of SP1 concerns securing the network against users who log in via a virtual private network connection, Gates said. Windows 2003 SP1 can check the user’s machine and provide limited network access until the checks have been completed.

The company has invested heavily in developing automated checking tools for software, which can detect potential vulnerabilities as applications are being developed.

Microsoft is planning to incorporate these tools into the Visual Studio development suite and other packages to allow Windows application developers to create more secure code.

Microsoft has improved the way it issues patches, said Gates, simplifying the process for end-users. This includes prioritising vulnerabilities so the firm only issues patches for the most serious vulnerabilities.

Along with Explorer, Microsoft has developed software to detect and delete spyware on corporate systems following concerns that the ubiquitous nature of spyware could damage productivity and slow down corporate networks.

At the heart of the project is a network created by Microsoft, dubbed Spynet, to collate and analyse reports of spyware.

Read more on IT risk management