Microsoft liable for flaws?

In addition to the new Firefox reference, Microsoft's annual Form 10K includes an interesting addition to the otherwise standard passage on the risk factors related to computer security problems. For starters, the heading of the passage last year (scroll to page 31) was simply "Security." This year, (page 14) the title is "Security vulnerabilities in our products could lead to reduced revenues or to liability claims." And here's the newly added language:

We devote significant resources to improving the security design and engineering of our software. Nevertheless, actual or perceived vulnerabilities may lead to claims against us. While our license agreements typically contain provisions that eliminate or limit our exposure to such liability claims, there is no assurance these provisions will be held effective under applicable laws and judicial decisions.

For background, the issue of Microsoft's potential liability for software flaws is one that I explored a while back. See the archived story here.

To be sure, risk factors are standard in such filings to warn investors of worst-case scenarios, and Microsoft appears to be more detailed in outlining those risks in general in this year's filing, not just in the section on potential security risks. But it's interesting nonetheless to see what the company chose to elaborate on when it came to security.