Kevin Kean, who had been working as a senior group product manager on Windows Server 2003, is taking over for Steve Lipner as head of the unit that issues security bulletins and patches for Microsoft's existing products.
Lipner is remaining with Microsoft's security unit as director of security engineering strategy. He will lead a small team of people that will create new programs to help Microsoft customers operate their systems more securely.
"It's just another piece of our commitment to trustworthy computing and secure products for our customers," Lipner said.
In January 2002, Microsoft Chairman Bill Gatesan on "trustworthy computing," calling for the company to redouble its security efforts. The company spent an estimated $100 million pouring through its code in an effort to make it more secure.
However, much work, critics say. Just this week, Microsoft and pulled another bug fix after customers complained the patch interrupted Internet service.
"When Bill (Gates) sent out that initial memo, as I recall, he said this is a long-term effort," Lipner said. "We've talked about it being a 10-year effort."
However, Lipner said there are some early signs of progress. He points to Microsoft's .Net run-time framework--the first new product to go through the company's more stringent security development process--which shipped early last year. "It's been out since then (and) there has been (only) one security bulletin," he said.