But the Redmond, Wash. company, which just touted SDL's 10-year history with a flashy, anecdote-filled online presentation, seems willing to risk torching that hard-won reputation by pulling the plug on Windows XP.
Microsoft plans to ship the final public patches for Windows XP on April 8. After that, it will not deliver fixes for security vulnerabilities it and others find in the 13-year-old operating system.
The result, even Microsoft has said, could be devastating. Last October, the company said that after April 8, Windows XP would face a future where machines are infected at a rate 66% higher than before patches stopped.
"After April [2014], when we release monthly security updates for supported versions of Windows, attackers will try and reverse engineer them to identify any vulnerabilities that also exist in Windows XP," said Tim Rains, director of Microsoft's Trustworthy Computing group. "If they succeed, attackers will have the capability to develop exploit code to take advantage of them."
Microsoft has justified its stoppage of Windows XP patches by reminding everyone that it has supported the OS longer than any others, which is true: Its normal practice is to patch an operating system for 10 years. And it has argued that Windows XP is old, outdated software that is less secure than its newer operating systems: Windows 7, Windows 8 and Windows 8.1.
Again, true.
The problem that Microsoft has only occasionally touched on is that Windows XP powers a massive number of personal computers around the world. According to Internet measurement company Net Applications, 29.5% of the globe's PCs ran XP in February. Using estimates of the number of Windows PCs now in operation, that "user share" translates into approximately 488 million systems.
Four hundred and eighty-eight million.
If every PC sold in the next 12 months was one destined to replace an existing Windows XP system, it would take more than a year and a half -- about 20 months -- to eradicate XP. Windows XP isn't going anywhere.
Even if one discounts the 70% of the approximately 300 million XP machines in China that are not regularly updated with existing patches -- the 70% statistic comes from Microsoft -- that still leaves 278 million machines.
Microsoft has never faced this situation before, with a soon-to-be-retired OS running a third of all the Windows PCs worldwide. So on one hand it's not surprising that it has stuck to its guns, and is pushing XP into the sunset and forgetting it.
But by doing that, it could hurt itself as much as the customers who end up with an infected XP system.
There's the real possibility that large-scale infections of Windows XP will paint the Windows brand as insecure, fulfilling the implicit prophecy the company made late last year. To most people, Windows is Windows is Windows, with no distinction between XP and the newest, locked-down 8.1. And for those people, Windows is Microsoft because it's the best known of the company's software.
So if post-April headlines appear that shout, "Windows under massive attack," Microsoft's reassurances that the bug can be exploited only on XP, that newer editions of Windows are safe to use, will be lost amidst the noise.
Outside its own software, Microsoft has other reasons for worry. As the company has often said, it's not just Windows that it must keep secure, it's the entire Windows ecosystem, the gamut of software that runs on the platform. A bug in a third-party program, such as Adobe's like-a-sieve Flash Player, which has had to be patched 18 times in the face of ongoing attacks since 2010, reflects poorly not just on Adobe but also on Microsoft. That's because Windows powers 90% of the world's PCs.
That's one reason why Microsoft has reached out to third-party developers -- Adobe being just one -- to help them craft their own SDL-like processes, a fact last week's retrospective trumpeted when it said its SDL guidance had been downloaded more than 1 million times since 2008.
Co-founder and former CEO Bill Gates made the connection in an all-company email he sent in January 2002, the call to action memorandum that ultimately led to SDL. "Our new design approaches need to dramatically reduce the number of such issues that come up in the software that Microsoft, its partners and its customers create," Gates said. "Trustworthiness is a much broader concept than security, and winning our customers' trust involves more than just fixing bugs and achieving 'five-nines' availability. It's a fundamental challenge that spans the entire computing ecosystem, from individual chips all the way to global Internet services (emphasis added)."
Small and midsize businesses are moving to the cloud to host their communications capabilities. Learn how enterprise-quality phone benefits, online management, conferencing, auto attendant, and ease of use are built into a system that is half the cost of a PBX.Read now.
See All Episodes and Subscribe at www.informit.com/onnetworking.
Home News Opinion Business Sport S & T Features Books In-depth Jobs Classifieds Shopping International South Asia World International» South AsiaColombo,July 9, 2013Indian Ocean security pact signedMeera Srinivasan Share · Comment · print · TOPICS diplomacy India-Sri Lanka 
Images of the week Highlights of the week in pictures - the odd images you might have missed and some lasting moments our editors think you should see.more slideshows»Slideshow
Myanmarese in Budhela: Stuck in a limboOn World Refugee Day, we track the lives of refugees from Myanmar in the national capital who are still sceptical of returning, despite Aung San Suu Kyi’s return to active politics and other reforms in their homeland.more slideshows»Most PopularMost CommentedPakistan silent on leaked report about failure to detect bin Laden Report assails Pak officials over Osama bin Laden Taliban close Qatar office to protest flag fracas ‘Collective incompetence’ behind failure to catch Osama, says Pakistan report Indian Ocean security pact signed Militants kill 6 soldiers in Pakistan 18 Taliban militants, 2 policemen killed in Afghanistan India commits support to Nepal elections Buddhists demand beefed up security for Mahabodi complex Six killed in bomb blast in northwest Pakistan Pakistan silent on leaked report about failure to detect bin Laden 
Report assails Pak officials over Osama bin LadenAl-Qaeda founder Osama bin Laden was able to live in Pakistan undetected for nine years because of a breathtaking scale of negligence an... » 