Microsoft takes a break to clean its code

After nearly 25 years of writing software code, Microsoft is taking a break to do a little housecleaning.

The company has ordered a temporary halt in the development of new code and has instructed its developers to go back and check for security holes in the piles of ones and zeros already written. The clean-up targets the gamut of Microsoft products from its desktop operating systems to its newly released .Net tools, a Microsoft spokeswoman confirmed Monday. Each division will stop writing new code for about one month.

The development team building the next version of Windows, for example, has taken a break to perform an "intense review of the Windows source code," the spokeswoman said. That includes reviews and audits of the operating system, or what the company is calling a "code scrub."

Similar efforts are already under way with the development team building Microsoft's Office software, as well as among developers working on its .Net initiative. The effort is expected to extend to other divisions at Microsoft in the next few months, the spokeswoman said.

The cleaning frenzy is part of a broader effort dubbed the Trustworthy Computing Initiative, which is intended to make Microsoft's software more secure and reliable. Bill Gates, the company's chairman and chief software architect, outlined the initiative to employees in a memo last month.

Although its intentions may be good, one analyst suspected that the moratorium on new code would throw a wrench into Microsoft's development schedule. "Certainly it has an impact on development plans, on products as well as service packs," said Michael Silver, a software analyst with Gartner Inc.

Most at risk is the first major package of updates and bug fixes for Windows XP, Microsoft's newest operating system, he said. The service pack is expected to include the updates, patches and bug fixes developed for the operating system since its launch in October.

With the service pack already in danger of a delay due to events related to its antitrust settlement proposal with the U.S. government, Silver predicted that any security flaws discovered during the house-cleaning effort could add to the work in getting the first service pack out.

"Certainly if they find something interesting they might want to include some other security fixes in (Windows XP) Service Pack 1," he said.

The service pack initially faced a possible delay because of a stipulation in the proposed settlement Microsoft reached with the Department of Justice and nine state attorneys general, Silver said. Terms of that settlement require Microsoft to disclose certain APIs (application program interfaces) for the operating system within a year of the deal being signed or in the first Windows XP service pack; whichever comes first. A judge is expected to rule on that settlement later this month.

Microsoft typically releases the first service pack to a product about six months after the product is launched. That puts the Windows XP Service Pack 1 due for release around April. It's unclear whether the company could meet that schedule if it were required to include the APIs, Silver said.

Besides issuing service packs, users can access the latest security patches and bug fixes through Microsoft's Windows Update utility. Last week, Microsoft also released a new type of update that it calls a Security Rollup Package. The first of these packages was released for the Windows 2000 desktop and server operating systems, and comes midway between the Windows 2000 Service Pack 1 and Service Pack 2.

Microsoft's director of corporate privacy, Richard Purcell, commented on the code-cleaning effort Friday at a security conference in Washington, D.C., according to a report in Government Computer Times. He said the effort came about partly because Bill Gates, the company's chairman and chief software architect, "is really annoyed by the incredible pain we put everyone through in computing," according to the report.

That pain has affected both corporate and consumer customers of Microsoft. Businesses running Microsoft's Internet Information Server (IIS) last year found themselves vulnerable to the damaging Code Red worm, while other Windows users fended off a worm known as Nimda in September.

Microsoft's market leadership makes it a prime target for computer hackers and worm builders, according to Rob Enderle, research fellow with Giga Information Group Inc.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Matt Berger

Computerworld
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Matthew Stivala

HP OfficeJet 250 Mobile Printer

The HP OfficeJet 250 Mobile Printer is a great device that fits perfectly into my fast paced and mobile lifestyle. My first impression of the printer itself was how incredibly compact and sleek the device was.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?