NEW ORLEANS—Microsoft Corp. CEO Steve Ballmer Thursday moved to show the thousands of partners attending its Worldwide Partner Conference here that the software titan does take security seriously and is actively working on ways to improve it.
In his keynote address, titled "Partnership, Innovation and Customer Focus," Ballmer said there are times in any companys existence when it has to stand back and listen and then regard those as defining moments in its evolution. The current security crisis is one of those defining moments, he said.
"Our whole industry is threatened by peoples fear to do new things because of security issues. Our action items include improving the patching experience, providing guidance and training, mitigating vulnerabilities without patches and continuing improving quality," he said.
Ballmer acknowledged that the number of patches is proliferating, the time to exploit the vulnerabilities is decreasing, the exploits are becoming more sophisticated and the current approach is not sufficient. "Security is our No. 1 priority, but there is no silver bullet in this regard," he said.
Ballmer said he wishes the security researchers "would be quiet as that would be better for the world." But that wont happen, he added. "We are trying to work with them on how and when they disclose their information."
Microsoft will improve the patching experience for all products from Windows 2000 onward by next May. These changes include moving to a single patching experience across Windows and all application products.
The company will also move to better quality patches and ensure rollback capabilities for all patches. In addition, its Delta patching system will enable patches to be between 30 percent and 80 percent smaller.
Downtime will also be reduced, with up to 30 percent less reboots, and the company will extend automation through a new update mechanism known as Microsoft Update, which will be a single point for this, Ballmer said, the only statement in his address to garner applause.