Microsoft will pitch security as a "competitive advantage" at its worldwide partner conference in Toronto next week, but it will be a tough sell especially since attendees are still waiting for it to deliver on some of last year's security promises.

Last year attendees cheered in that wonderful American way when CEO Steve Ballmer roared on about the security challenges the company faced and spoke about how it would tackle them. But Microsoft has failed to deliver on most of the promises Ballmer made.

Customers are still waiting for a single patching experience and an update to the Software Update Services (SUS) patch management tool, both of which Ballmer said would be out in the first half of 2004, and still aren't. Plus of course there is the eternal Service Pack 2 for Windows XP which was due in the first half of this year but is now expected some time in the third quarter. Maybe.

As a result, many of Microsoft's partners turn up at the conference with the self-same security concerns as last year, said Paul DeGroot, an analyst at Directions on Microsoft. The concerns may have even grown because of the recent attacks on the Explorer browser, he said. "There have been enough fires between now and last year's Worldwide Partner Conference; security is still going to be a preoccupation for partners," he said. "The things that Ballmer promised progress on haven't been achieved."

IDC research director Marilyn Carr agreed: "You can expect to hear the same issues tabled this year, as they have not gone away," she said. Partners, just like end-users, want Microsoft to make it less of a headache to keep up with security patches, she said.

Microsoft has planned 10 sessions on security at the event. But, incredibly, Microsoft's website paints the sessions as though security issues are a thing of the past for Microsoft. "Clearly security has become a competitive advantage as we engage with our mutual customers," it reads.

Ballmer will address attendees on the final day of the conference. He will be joined on stage by Mike Nash, head of Microsoft's Security Business and Technology Unit. A security-related announcement is expected, but Microsoft declined to comment ahead of the event.

This year's partner conference will be the second event to combine Microsoft's "traditional" partners with those that it inherited when it bought Great Plains and Navision, applications vendors that are now part of Microsoft Business Solutions (MBS).

Microsoft has also been consolidating its various partner programs into a single, global Microsoft Partner Program, announced in October. The new program went into effect in January and will be implemented in phases through 2005.

"Microsoft is at a very transitional stage,"said DeGroot said. "I expect them to announce a few additional services for partners at the conference, but I think they are in a situation where they probably don't want to significantly tweak the partner program."