Statements by Brad Smith Regarding the Sasser Worm Arrest

REDMOND, Wash. — May 8, 2004 — The following comments were issued by Brad Smith, senior vice president and general counsel at Microsoft, in response to the Sasser Worm arrest:

“The release of malicious code on the internet is a crime. The arrest of the individual responsible for the Sasser worm demonstrates that reward programs play an important and effective role in helping law enforcement identify and prosecute these criminals. It gives people with information the incentive to do the right thing, by coming forward and sharing their information, with companies like Microsoft and with law enforcement agencies around the world. This program made a critical difference in this case and was the missing link. It connected the individuals with the information with law enforcement and their information about the worm itself. In the same way as we move forward in the future these reward programs will continue to play an important role by encouraging individuals with information to come forward and assist law enforcement so we can all be more effective in making the internet more secure.”

“We all need to do our part, just as we all buckle our seat belt when we get in a car, all of us at home need to take simple steps to protect our pcs. We need to keep our Internet firewalls turned on, we need to keep our software up to date, and we need to keep our anti-virus software up to date as well. Theres very easy to follow information for consumers at Microsoft.com/protect and these provide helpful tips on what consumers can do.”

“Microsoft worked very closely with German law enforcement in identifying and tracking down the individual who created and distributed the Sasser virus. This is part of a broader effort, we are working with law enforcement agencies around the world to provide technical assistance, and to provide rewards for individuals to encourage individuals to come forward and share information so that law enforcement can identify and track down perpetrators successfully.”

“Microsoft worked very closely with German law enforcement on this case. We had created an anti-virus reward program in November, during the last week individuals in Germany who were aware of that program came forward, they offered to provide information to Microsoft investigators, and working under our anti-virus reward program we were able to connect them with German law enforcement to verify the accuracy of their information and assist German law enforcement in pursuing this arrest.”

“We recognize the critical importance of keeping consumers secure when they are using the internet. Microsoft worked very closely with German law enforcement in pursuing the individual responsible for the Sasser virus. In the same way we are working with law enforcement agencies literally around the world on a day-in, day-out basis both through technical assistance and through programs like this reward effort which encourages individuals to come forward when they have information that can be helpful.”