Euro browser flap
Microsoft failed to live up to an agreement that it would display a Windows screen giving users the option to pick Internet Explorer or some other browsers.
While Microsoft says the problem was caused by a technical glitch and has worked to correct it, it's still facing down a possible $7 billion fine from European Union regulators. While Microsoft would likely survive the hefty penalty, it's really a case of the company shooting itself in the foot. It is also damaging its reputation in not only Europe where customers were directly affected, but worldwide where end users heard about the case and adjusted their opinion of the company accordingly.
The launch of Windows Phone 8 this fall revealed an operating system that met with generally good reviews and a phone -- Nokia's Lumia 920 -- that shows it off to good advantage.
The problem here is that it comes so late after the iPhone and Android phones have dominated the market. The company must now dedicate itself to a long-term effort to scratch its way up from 2.6% of the market, according to IDC estimates, to something more significant.
IDC thinks Microsoft will succeed in that goal by claiming 11.4% of the market in 2016 -- a terrific boost. But the company leaves a lot of smartphone money on the table by coming out so late with a compelling product.
Windows Phone 8 itself may pan out to be a winner, but the overall handling of Windows Phone to date racks up as a loss. And with Microsoft's desire to link all its mobile platforms, a slow start for Windows phone hobbles that larger effort.
Microsoft boosted by 15% the fees it charges for licenses that allow users to access servers, squeezing more money out of customers while still giving them a better deal than the alternative.
This is likely good for Microsoft because it means more revenues, but it's just another reason for business customers to carp about being gouged for software.
Corporate employees are moving toward use of multiple devices in the workplace, making licenses based on numbers of users attractive rather than licenses based on individual devices. Even with the price hike, many customers will wind up paying less for user client access licenses (CAL) than for device CALs. But that won't eradicate the bad taste from their mouths.
The complex Flame espionage malware that infected Iranian government computers earlier this year was in part enabled by a Microsoft security snafu.
A key element of Flame called for exploiting weaknesses of the MD5 hashing algorithm. Microsoft had urged in 2008 that network administrators and certificate authorities stop using the hash because researchers had discovered how to exploit it.
Microsoft officially disallowed its use in 2009 but failed to weed it out of its own products, particularly Terminal Server Licensing Service. Researchers figured out how to compromise MD5 using what they call collision attacks to obtain fraudulent certificates that are accepted as real. This allowed attackers to send malware that victim machines accepted as authenticated Microsoft updates.
Tim Greene covers Microsoft for Network World and writes the Mostly Microsoft blog. Reach him at firstname.lastname@example.org and follow him on Twitter @Tim_Greene.