Microsoft takes a break to clean its code

After nearly 25 years of writing software code, Microsoft is taking a break to do a little housecleaning.

The company has ordered a temporary halt in the development of new code and has instructed its developers to go back and check for security holes in the piles of ones and zeros already written. The clean-up targets the gamut of Microsoft products from its desktop operating systems to its newly released .Net tools, a Microsoft spokeswoman confirmed Monday. Each division will stop writing new code for about one month.

The development team building the next version of Windows, for example, has taken a break to perform an "intense review of the Windows source code," the spokeswoman said. That includes reviews and audits of the operating system, or what the company is calling a "code scrub."

Similar efforts are already under way with the development team building Microsoft's Office software, as well as among developers working on its .Net initiative. The effort is expected to extend to other divisions at Microsoft in the next few months, the spokeswoman said.

The cleaning frenzy is part of a broader effort dubbed the Trustworthy Computing Initiative, which is intended to make Microsoft's software more secure and reliable. Bill Gates, the company's chairman and chief software architect, outlined the initiative to employees in a memo last month.

Although its intentions may be good, one analyst suspected that the moratorium on new code would throw a wrench into Microsoft's development schedule. "Certainly it has an impact on development plans, on products as well as service packs," said Michael Silver, a software analyst with Gartner Inc.

Most at risk is the first major package of updates and bug fixes for Windows XP, Microsoft's newest operating system, he said. The service pack is expected to include the updates, patches and bug fixes developed for the operating system since its launch in October.

With the service pack already in danger of a delay due to events related to its antitrust settlement proposal with the U.S. government, Silver predicted that any security flaws discovered during the house-cleaning effort could add to the work in getting the first service pack out.

"Certainly if they find something interesting they might want to include some other security fixes in (Windows XP) Service Pack 1," he said.

The service pack initially faced a possible delay because of a stipulation in the proposed settlement Microsoft reached with the Department of Justice and nine state attorneys general, Silver said. Terms of that settlement require Microsoft to disclose certain APIs (application program interfaces) for the operating system within a year of the deal being signed or in the first Windows XP service pack; whichever comes first. A judge is expected to rule on that settlement later this month.

Microsoft typically releases the first service pack to a product about six months after the product is launched. That puts the Windows XP Service Pack 1 due for release around April. It's unclear whether the company could meet that schedule if it were required to include the APIs, Silver said.

Besides issuing service packs, users can access the latest security patches and bug fixes through Microsoft's Windows Update utility. Last week, Microsoft also released a new type of update that it calls a Security Rollup Package. The first of these packages was released for the Windows 2000 desktop and server operating systems, and comes midway between the Windows 2000 Service Pack 1 and Service Pack 2.

Microsoft's director of corporate privacy, Richard Purcell, commented on the code-cleaning effort Friday at a security conference in Washington, D.C., according to a report in Government Computer Times. He said the effort came about partly because Bill Gates, the company's chairman and chief software architect, "is really annoyed by the incredible pain we put everyone through in computing," according to the report.

That pain has affected both corporate and consumer customers of Microsoft. Businesses running Microsoft's Internet Information Server (IIS) last year found themselves vulnerable to the damaging Code Red worm, while other Windows users fended off a worm known as Nimda in September.

Microsoft's market leadership makes it a prime target for computer hackers and worm builders, according to Rob Enderle, research fellow with Giga Information Group Inc.

Recommended

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Matt Berger

Computerworld

Comments

Comments are now closed.

Most Popular Reviews

Follow Us

Best Deals on GoodGearGuide

Shopping.com

Latest News Articles

Resources

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?