Identifying security as the number one threat against Microsoft Corp., as well as the IT industry as a whole, Steve Ballmer, CEO of the Redmond, Wash.-based software giant, told a room of Canadian software developers that security continues to be a central issue at Microsoft — especially as the company moves toward the release of Longhorn.

...

"It's a world of threat," he said.

The Microsoft approach to security right now is focused around technical and social issues, with attention being given to quality, resiliency, education and awareness. For example, Ballmer said there is a range of things that need to be addressed, such as the resiliency of having application-aware firewalls. These smarter firewalls that live on the edge of not only a network but also every computer will push intelligence forward, as will intrusion prevention technology, he said.

...

Meanwhile, in a presentation at the RSA Conference in San Francisco on Tuesday, Microsoft announced that it is working on security technologies for the upcoming Longhorn release of Windows that will protect users against security threats by monitoring system and network behaviour as well as the security patches that Microsoft has issued.

The new technologies will allow Windows to detect irregular system behaviour — in terms of network traffic, memory usage and system calls, for example — and respond to them automatically, Bill Gates, Microsoft chairman and chief software architect said during the presentation. The result of the development effort, which Microsoft refers to as "active protection technologies," should protect systems from worms and viruses by preventing and containing attacks, according to Microsoft.

A component of the protection system, dubbed "dynamic system protection," will track which security patches users have installed. The component will make changes to the Windows firewall to fend off any attacks that appear to take advantage of a security flaw that users have not yet patched themselves against. For example, if Microsoft has provided a patch for a flaw involving ActiveX controls, dynamic system protection will block ActiveX controls from running on a Windows system until that patch is installed, Microsoft said.

Other parts of the active protection effort include reducing the likelihood of a successful attack by automatically adapting the security settings to the type of network connection, for example when a notebook computer is moved from a corporate network to a public wireless LAN, said Microsoft product manager Jon Murchinson.