[an error occurred while processing this directive]
BBC News
watch One-Minute World News
Last Updated: Friday, 5 May 2006, 16:43 GMT 17:43 UK
Tough task of Windows security
Around 90% of us use Microsoft Windows, and it is fair to say that it has been the biggest target for hackers in recent years.

Mike Nash
Mike Nash has one of the most exposed computer security jobs
It is incredibly popular, so that makes it a big target.

Mike Nash, responsible for fighting off all those attacks and for protecting the Windows platform, spoke to Click about what his job involved.

"Overall, the primary focus is on making sure we understand what customers need us to be doing, and working hard to respond to those things", he says.

"The more we can understand the customer, the better we can respond."

In 2007, with the next iteration of Windows, Vista, all eyes are going to be on the security features of that.

Mike says: "Probably the most significant thing we've done in Windows Vista is to make sure we're building more protections against malware.

"You've heard about Windows anti-spyware work but certainly Windows Defender, which will be delivered as part of Windows Vista, will be really important to help customers be protected from spyware and other potentially malicious software.

"A lot of work has also been done to make it easier to use the security in Windows. For example today most users of Windows XP log on as an administrator. That can actually be the cause of some exploits.

"So in Windows Vista we've made it really easy to have a very good experience as a standard user, therefore eliminating the risks that would be associated with being in admin.

"One of the interesting features that we're very excited about in Windows Vista is the ability to decide which pluggable devices you're allowed to put in your machine.

Microsoft chairman Bill Gates talks about Windows Vista
The launch of Windows Vista has been delayed until January 2007
"So if someone walks up to your machine with a USB drive, many companies are afraid of that, in fact some are so afraid that they've filled the little USB slots with glue. We think we can do a better job with software.

"In Windows Vista one of the things we're doing is allowing the administrator through group policy to decide which devices they want to allow to come onto the machine and which they don't want on the machine, and therefore much more control about the extensibility of the platform."

As to why the original Windows XP was so insecure, Mike says this is interesting.

"First of all, the original Windows XP was very secure, for its time. I think there's a lot of feedback we got from what I call more influential users that said 'Hey, Microsoft, you've got a firewall for Windows XP; that's great, but please don't turn it on by default.' Their reasoning was they already had a firewall.

"It was probably a good decision for a relatively small set of customers, but in general most customers didn't have a firewall, so with Windows XP Service Pack 2 we realised we had to do more, beyond just quality, but to provide other protections in the system."

With regards to people who have illegal copies of Windows, and whether they will continue to be provided with patches, Mike says: "Our policy has been to make sure that we get customer security updates as necessary.

"Certainly there are real benefits to using genuine software, but I think we really want to make sure that we help customers understand the benefits of being genuine.

"Often, non-genuine software has other problems with it as well."

Microsoft has come in for some criticism recently that it issues patches for security holes it finds in Windows, but it is not as quick to do so as other companies, which are finding the holes quicker, and issuing the patches faster.

Mike says: "The key thing about security updating is that building an update is actually a relatively straightforward process. It's verifying the quality that takes a bit more time.

"If someone else builds an update that they try to build on top of our platform, it's not clear they've tested it across all the applications we want to make sure we're compatible with.

"It doesn't seem likely they have more testing resources than we have at Microsoft.

"At the end of the day you look at the investment we've made in terms of our test lab.

"We certainly got feedback in the past that we previously had problems with quality, so now we make sure we have very sophisticated unit testing of the individual components, but then also making sure they're working in a real customer scenarios with live applications running in our test labs."

Microsoft delays launch of Vista
22 Mar 06 |  Business

The BBC is not responsible for the content of external internet sites

Has China's housing bubble burst?
How the world's oldest clove tree defied an empire
Why Royal Ballet principal Sergei Polunin quit


Americas Africa Europe Middle East South Asia Asia Pacific