Top 5 Myths About Microsoft


Microsoft Doesn't Care About Security

Five years in the making, Windows Vista's 2007 launch was the biggest in Microsoft's storied history.
Five years in the making, Windows Vista's 2007 launch was the biggest in Microsoft's storied history.
Dave Einsel/Getty Images

Microsoft is the Little Dutch Boy of software manufacturers, constantly plugging security holes in its operating system and application software. These backdoor vulnerabilities allow malicious hackers to gain access to unprotected computers, turning them into unwitting bots that spread viruses and worms to even more computers.

You hardly ever see headlines reading, "Apple Warns Users About Serious Security Hole" or "Red Hat Races to Issue Patch to Thwart Hackers." That's because few programmers would bother to write malicious code and nasty computer viruses for Macs and Linux computers. The reason for this is quite simple: If you're a hacker and your insidious goal is to poison the most machines possible, you'd train your sights on the operating system used by more than 90 percent of the world's personal computers.

Despite the rabid criticism of the security weaknesses of Windows XP, it's wrong to say that Microsoft doesn't care about security. Microsoft employs some of the sharpest minds in the field of cyber security, including security chief Michael Howard and Linux security expert Crispin Cowan [source: Ho]. In recent years, they've launched several long-term, far-reaching security initiatives, including Trustworthy Computing, End to End Trust and most recently, Microsoft Security Essentials. They've also built Windows Vista to be substantially more secure than XP [source: Jones].

The real question, according to veteran tech writer Rob Enderle, is whether anyone at any company could successfully repel the near-constant barrage of attacks that plague Microsoft products. To make matters worse, he says, boasting about security features is bound to attract hackers hungry for a challenge. As an example, the writer cites an announcement from Oracle that called its latest creation "bulletproof." It was successfully attacked the next day [source: Enderle].