December 2000
Formation of the Security Services Partner Program (searchable Web-based database where customers can locate immediate help in dealing with security issues in their own systems and across the Internet)
February 2001
General availability of ISA Server
November
Microsoft hosts Trusted Computing conference, beginning discussion of the need for more secure software
December
Publication of “Writing Secure Code” by Michael Howard and David LeBlanc
January 2002
Bill Gates issues Trustworthy Computing memo to all of Microsoft; planning and curriculum development for Windows security review–now called a “security push”
February
Microsoft pulls more than 70 development teams off their projects to go through security training
March
Microsoft delays release of .Net Server family so it can undergo security review
April
Scott Charney is hired as chief security strategist to oversee Trustworthy Computing; Microsoft creates the Security Business Unit, now known as the Security Business & Technology Unit, and names Mike Nash vice president; MBSA (Microsoft Baseline Security Analyzer) released
May—July
SQL Server, Exchange, Office complete security pushes
June
Release of SUS (Software Update Services) critical patch deployment tool for small and midsize customers
December
MBSA V1.1 released; publication of “Writing Secure Code” second edition, reflecting lessons of a year of security pushes
February 2003
Microsoft forms academic advisory board for advice on security issues
April
Windows Server 2003, the first product to be built from scratch since the beginning of Trustworthy Computing, released
May
VIA (Virus Information Alliance) announced
July
Microsoft acquires GeCAD Software
October
Microsoft moves to a monthly patch cycle; news announced by Steve Ballmer at the Worldwide Partner Conference; monthly Webcasts hosted by Mike Nash begin
November
Microsoft Anti-Virus Reward Program announced
January 2004
Security Development Lifecycle formalized; tools such as PREfix and PREfast become formal aspects of the development process for more secure and reliable software
February
Gates announces active protection technologies vision, Coordinated Spam Reduction Initiative; establishment of Caller ID for E-mail; formation of Global Infrastructure Alliance for Internet Safety
April
Security summits started and held in major U.S. cities through June
August
Windows XP SP2 released, including several security upgrades, such as turning on the firewall by default
November
Advance Notification Program announced
December
Giant Company Software acquisition announced
January 2005
Microsoft launches the first of its monthly Malicious Software Removal Tools; Microsoft AntiSpyware beta launched
February
Sybari acquisition announced
March
Microsoft holds the first Blue Hat briefings on its Redmond campus
May
Windows OneCare announced; launch of Security Advisories program
October
Steve Ballmer outlines Microsofts security strategy and road map, announcing Client Protection and Antigen; Fall 2005 Blue Hat briefings