Mary Jo Foley posted a story http://blogs.zdnet.com/microsoft/?p=551 from an interview I did with her at WinHEC.  It was verbatim, so I can't really blame anyone else for misconstruing or editing what I said.

However, I will say something that didn't come across from what I said. I am incredibly proud of the outcome of the Windows 2000. I think it did change the industry hugely & was the wedge that moved Windows Server to being the system that now ships as the largest percentage of servers.

I was criticising the way the release was run. Oddly, I believe I am uniquely qualified to criticise the Project Manager for Windows 2000 - seeing that was my job...

There were a couple of other things I see now that we did really wrong. The big one is security. I was 1999 & the web 1.0 was going strong. We wanted to make the best server for the internet – or what we thought it was in 1999. This lead us to the dumb idea of opening a bunch of ports & turning in a bunch of services that we should have left closed & off. This was fixed partially in Windows Server 2003.  I think it is fixed in a big way in Windows server 2008 – especially on x64.  Layers of security is the only way to do it.  If you really want to know about what we’ve done for the Security Development Lifecycle, see Mike Howards’ Blog.