Gates detailed Microsoft's security efforts in his opening keynote at the RSA Conference in San Francisco.
Security isn't just a matter of "simply fixing a few vulnerabilities and moving on," he said, adding that he's very optimistic about the company's security initiative "even though there are many years of work ahead of us."
In the first half of this year, Microsoft plans to release a security-focused Service Pack 2 for Windows XP, he said. SP2 will feature a firewall on by default, a pop-up blocker for Internet Explorer, and a new component called Windows Security Center, which displays the status of security settings and recommends guidance.
Microsoft also is developing Active Protection Technology, which will protect comptuers against worms and viruses by preventing and containing attacks. For example, if malicious code tries to install a back door on a computer, it will recognize the behavior as abnormal and block it. Gates provided no timeline for the technology.
On the spam front, Microsoft is proposing a caller ID for email to authenticate the source of email, Gates said.