Another week, another security patch! Microsoft has been pressed into action to release yet another patch to plug a hole in its Internet Explorer 6 web browser, which has accumulated an impressive record of holes: over 150 since 18 April 2001. What is more, it is not even a final solution to the latest in a catalogue of security compromises and back doors created by what should be a harmless, albeit essential, piece of PC software.

At Microsoft's TechEd developer conference in Amsterdam earlier this month, I took time out to have a frank discussion with Detlef Eckert, senior director of trustworthy computing at Microsoft about the continuing security problems that are blighting the world's biggest software developer.

Right now the company is almost fanatically committed to completing service pack 2 for Windows XP, the most security-focused update the company has ever released for one of its products. The new service pack will introduce a new, more powerful firewall, with basic predictive scanning capabilities, it will enable almost every security feature by default, including the firewall and will also address many existing security glitches in the operating system through a combined patch install, which providing users actually install the service pack, will address any lax patching over the last year.

'Service pack 2 is going to add significant new security to Windows XP, which will help stop a great deal of viruses, worms and other illegal code from attacking the browser. It won't fix security vulnerabilities in the browser itself, but will add an important barrier between the browser and security attacks' said Eckert.

The concern is that this year will see massive new rollouts of Windows XP on the desktop in US businesses. For many, this will also see a mass migration from the unstable, but safe IE 5 to the stable, but inherently insecure IE 6.

While the move will provide access to a robust operating system (compared to previous versions of Windows), it is likely to bring new patching headaches to businesses, and leave organisations vulnerable that were not previously.

This sudden growth in IE 6 deployment will leave companies with the heavy burden of mass legacy patch deployment from the start, and a continuing security headache, as they rush to keep their patching regime ahead, or at least in step with the hackers and virus writers.

With business mass-adoption of Windows XP set to peak this year, the need for a new, trustworthy browser is paramount, especially as IE 6 is an elderly product in software terms - it's nearly three years old.

Eckert conceded that this is not a new suggestion to Microsoft, and several users have expressed similar concerns about the ageing IE6 browser. He added that the replacement for Windows XP, code-named Longhorn and due for release in 2006 will have a new browser release, though no decision has been made on whether that will be a new version of IE or a whole new browser technology.

Last year Microsoft finally admitted defeat and axed its ailing IIS (Internet Information Server) 5 web server. IIS has been a constant pain for both Microsoft and Windows server users. having suffered from stability and serious security issues for years. The run of emergency patches released during 2002 and 2003 to fend off a barrage of hacker, virus and worm attacks forced Microsoft to kill the current product and completely rewrite it in time for the release of Windows 2003 Server.

The IIS6 web server within 2003 is a completely new piece of code, and the time, cost and effort needed to redevelop its web server from scratch has been rewarded with the news that 116 has not suffered a single breach thus far.

Having addressed the single biggest security problem on the server platform, it is time Microsoft did the same thing on the desktop and put Internet Explorer, and its millions of users worldwide, out of their collective misery.

For now, it seems that companies and users looking to escape from the security problems that dog IE will have to think the unthinkable and look at switching to the likes of Netscape Navigator and Mozilla, or the highly regarded Opera.