Microsoft vs. malware: a history

At 2:00 A.M. on July 13, 2001, Microsoft’s then head of security response got a phone call about a computer worm named “Code Red” that was spreading across computers that connected to the Internet. When the worm quickly spread to hundreds of thousands of computers, Microsoft redoubled its security efforts. But the criminals weren’t going away anytime soon.

Some say that this was the defining moment that began Microsoft’s real battle against worms, viruses, and other malware and the people who create them.

Microsoft learned early on that if it wanted to succeed at building trust with its customers, it could not make security an afterthought when developing its products and services.  Thus, the Security Development Lifecycle was born.

Read the full story at

About the Author
Eve Blakemore

Group Manager, Trustworthy Computing

Eve Blakemore is a Group Manager for Trustworthy Computing who delivers consumer guidance around the latest trends in security and privacy. Eve joined Microsoft in 1998 and has worked in corporate and field roles with Microsoft Learning, US Public Sector, Read more »

Join the conversation

  1. Anonymous

    Apparently, Microsoft is running a scam, charging 9.99 to supposedly take the advertising off of their solitaire site, and once you pay , they continue to run their advertising . Funny that Microsoft would be scamming folks for ten bucks !!

  2. Anonymous

    Can,t update 24 items–why?????????????????? TRying for 6 monthd!!!!!!!!!!!!!!!!!!

  3. Anonymous

    yes got a Trojan horse fixed it now I keep getting a warning saying see what files are being sent and can't get it to stop any advise

  4. Anonymous

    I have two complaints the 1st. the malicious software that wont clear . With my Email that goes to my Inbox I can't respond at the botom like I used to it is connected with facebook so I would hi like comment or share now it's all screwed up.

  5. Anonymous

    As I wait to see if my comment passed the moderators, I am thinking that the Morris Worm (late 1988) gave MS 12+ years to prepare for Code Red.  The Morris Worm was the first significant demonstration that a denial of service (DOS) exploit was possible, even though it was an unintended byproduct of the code.  Maybe because it was UNIX being attacked, it didn't send up any red flags in Redmond.

  6. Anonymous

    It's too bad everyone can use computers without ever taking a test and getting a license.

  7. Anonymous

    Who but wonders?

    M$FT made way too much wrong decisions during the life of Windows, especially Windows NT and its native Win32 API making Windows the ideal incubator for malware and sloppy programmers.

    More than 20 years after the introduction of privilege separation and (NTFS) rights the user accounts created during Windows setup are still "Administrators". And no, user account control is not the cure, its just just another symptom that M$FT doesnt take security and safety really serious.

  8. Anonymous

    You people commenting above are shockingly stupid, or naive.  Do you think someone will magically answer your question here on this page?  Wow.

  9. Anonymous

    I believe that MS is doing all things humanly possible to pervent the spread of infections of all types. Not a week goes by that I don't get some type of email from MS with tips on preventing malware (we all can sign up for these).

    They're very informational & if one reads deeply, it can clearly be seen that the greatest threat to one's computer is the one controlling the keyboard & mouse.

    Keep in mind that MS's Malware Response Team is working 24/7, trying to stay ahead of the criminals whom are working the same hours. No security solution is 100% infallible, otherwise we'd all be running it.

    Finally, one of the best things you can to to improve your chances of not getting infected is NOT to click onto things you didn't lookup. Especially ads in pages, no matter the content or whom they say they are. Some criminals are using MS's & other big corporation logos to distribute malware.

    Same with emails, mark as junk any that you didn't solicit & empty the bin. When using free software, keep a disposable email address to register these with & read carefully before clicking. This is how a lot of spyware lands on computers.

    Use common sense.


Comments are closed.