Christoph pushed this out, and I found it to be interesting. The subtitle of the article says "At the BlueHat meeting, many third-party security personnel came away impressed with Microsoft's adoption of their own security measures and techniques".
I think it's cool that Windows Vista can stand the test at BlueHat. And yes, Microsoft takes security very seriously - and you can see this in many forms.
Several nice quotes came out of this from InfoWorld and bloggers. For example,
"One well-known researcher who goes by the name Halvar Flake called Vista 'arguably the most secure closed-source OS available on the market,' in a blog post about BlueHat. 'As a result I think that most of the security researchers will move on to greener pastures for a while. Why try to chase a difficult overflow out of Vista when you have Acrobat Reader installed, some antivirus software with shoddy file parsing, and the latest iTunes?'..."
Actually, the blog post (the link above) is even more intriguing than the InfoWorld article. Here is another quote from Halvar Flake's blog post:
"It is important to keep in mind though that everybody is just waiting for Microsoft to become complacent again. Secretly, all attackers are hoping that Vista will be a failure, security spending will be scaled back and nobody will attempt to build a secure mainstream OS again."
I can't conceive of Microsoft ever becoming complacent on the topic of security - EVER. It is in every phase of product planning and development, in every IT service that we consume as employees, in our employee handbooks, and in a lot of talks that DPE gives.
If you'd like to hear more about our security initiatives, let me know. If I can get to your location, I'll attempt to connect you with one of my DPE brethren in your area.