Security Advisor

Microsoft Pulls Plug on Trustworthy Computing Group

The remaining members will be absorbed into Cloud & Enterprise and Legal and Corporate Affairs groups.

Microsoft resumed its massive layoffs last Thursday and one casualty was the company's Trustworthy Computing (TwC) Group.

While Microsoft has yet to officially comment on the specifics of the TwC shutdown, it appears that the group joined the 2,100 Microsoft employees that were cut last week. Microsoft veteran reporter and Redmond columnist Mary Jo Foley said that those in the group not affected by the recent wave of layoffs would be split between the Cloud & Enterprise and Legal and Corporate Affairs groups.

Foley also got confirmation of sorts from John Lambert, general manager of network security and science for the defunct Microsoft group, in a tweet: "... my mates, all your TwC is still here. SDL, operational security, pentest, MSRC, Bluehat are just under a new roof."

TwC came from Microsoft Founder Bill Gates' famous initiative in 2002 and focused on strengthening the entire line of Microsoft products from attacks. Out of the formation of the group came the company's monthly security patch updates, released on the second Tuesday of every month, and the development of free Microsoft security tools like Security Essentials and Defender.

While it's unlikely that Microsoft will abandon its monthly patch release or security products that have spun out of the group, it's unclear if and how the absorption of personnel into the two groups will change Microsoft's security focus.

In an editorial piece penned by former Microsoft Security Response Center member Christopher Budd on GeekWire, he argues that the move was done due to a lack of revenue directly from the group, and the injection of security into the Cloud & Enterprise and Legal and Corporate Affairs groups will help to strengthen the connection between security and specific Microsoft products. "TwC was never a revenue-generating group and its power suffered for it. In my opinion from my time there, we were able to get more done as part of Windows than as part of the stand-alone TwC because of that reality. It also puts the security engineering groups closer to the people doing the actual engineering, which is how things really get done at Microsoft."

The closer interaction of security experts with the product engineers may be just the thing Microsoft needs to bring some stability to its monthly security updates. Microsoft has not had the best track record with its 2014 patches, and has had to pull items in the previous three months' rollups due to testing and incompatibility issues.  Foley has hinted that Microsoft will be working on revising how it issues its monthly security updates for the release of Windows 9, code-named Threshold, and this move could be a precursor to that.

Along with TwC getting the axe, Microsoft also closed the doors of its Silicon Valley research group, a subset ran by engineers and computer scientists to brainstorm future Microsoft products.

About the Author

Chris Paoli is the site producer for and


  • Azure Edge Zones Hit Preview

    Azure Edge Zones, a new edge computing technology from Microsoft designed to enable new scenarios for developers and partners, emerged as a preview release this week.

  • Microsoft Shifts 2020 Events To Be Online Only

    Microsoft is shifting its big events this year to be online only, including Ignite 2020.

  • Microsoft Browser Support for TLS 1.0 and 1.1 Ending 2H 2020

    Microsoft announced on Tuesday that its plans to drop support for Transport Layer Security (TLS) protocols 1.0 and 1.1 in its browsers will get delayed by a few months until the second half of this year.

  • Attackers Using Excel Read-Only Files To Obscure Malware

    Attackers can attempt to hide malicious payloads in Excel files sent by e-mail by using a standard Excel feature, according to a Tuesday post by Mimecast researchers.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.