Platform component Grade Rationale
Windows (application layer) B A good patch process helps make up for mistakes of the past.
Windows (kernel layer) B Openness helps protect a small area of risk that can have huge implications.
Development environment C+ Making a start, but otherwise leaves it up to developers and ISVs.
Security tools B+ Firewalls, adware identifiers, and other tools enable IT professionals to manage their own security.
Responsiveness A- Doesn't waste time in delivering fixes to critical vulnerabilities, but argues for secrecy until it creates those fixes.
Effort A The resources available for learning about, addressing, and managing security are large and growing.

Table 1 Does Microsoft Security Make the Grade?
It's been four years since Microsoft announced the Windows Security Initiative and reinvented itself as a security-conscious company. In the interim, it has made progress on some significant issues, while it still has a lot of work to do on other issues. Notably, one of the biggest security holes remaining in Microsoft's platform is in its developer tools, and Visual Studio specifically.