Speaking at a gathering of U.K. press, Ballmer said Microsoft's "trustworthy computing" effort is far more than just a one-off initiative.
"We will be working on '' for the rest of my days at Microsoft, which I hope are many. There are bad people out there in cyberspace, and they are not going to go away. We are going to have to be vigilant. That's going to last for the duration," he said.
But despite the ongoing rounds of new security vulnerabilities and virus alerts, Ballmer said he believes the situation has improved greatly and can only get better.
"It's not like five or six years ago viruses didn't exist. More damage has been done in other periods of time (than today). The last 12 months was a better 12 months by a margin. I do believe in the next two to three years we'll get good enough and customers' practice of implementation will get good enough," he said.
Ballmer admitted that getting it wrong is not an option for Microsoft. "Security is the potential downside for the business. Do people have enough faith? That's why we made security job one priority at Microsoft."
Microsoft and Ballmer have said that the company will look at new markets and new areas of innovation for future growth. One area that analysts and industry watchers have tipped is the, possibly with the acquisition of one of the big players such as McAfee.
Ballmer declined to elaborate on Microsoft's plans with regards to launching its own security products but also didn't rule out the possibility of acquisitions, whether in the security market or any other area of its business.
"We're always looking at acquisitions, but we don't have cash earmarked for acquisitions. Almost all of those (big deals) are done for stock anyway," he said.
One area Ballmer did highlight for future security innovation was the concept of "isolation," which has already been partly introduced with. This technology is intended to ensure that PCs, laptops and other mobile devices are virus-free and have all the latest security updates and patches before being allowed to connect to a corporate network.
In corporate settings, Ballmer said, "the No. 1 way people get viruses is, in fact, with machines that are on their networks sometime and off the network other times. How do you check before you reintroduce someone to the network? It's a form of isolation."
Ballmer said the goal is to have the technology out before the next iteration of Windows,, and at the latest "certainly by Longhorn."
Microsoft has had less luck in getting its Sender ID e-mail standard for stopping spam accepted by the rest of the industry; it wassuch as America Online. But Ballmer reinforced Microsoft's commitment to the concept.
"We're doing a little bit of rethinking but the technology and the way we've done it, we still think, is spot on," he said.
Andy McCue of Silicon.com reported from London.