In that memo, sent to all Microsoft employees, Mr. Gates made it clear that the company’s future depended on building software and a platform that could be reliably secure. It was more than talk: in the decade or so since, Microsoft fundamentally changed its software development process to make security a core part of the program.

Too many other companies, though, seem to have missed the memo.

Take Oracle, and specifically the security challenges surrounding its Java software, which the company inherited through its 2010 acquisition of Sun Microsystems. Java, one of the most ubiquitous pieces of software in the world, is so full of security holes — including multiple avenues for hackers to take control of a computer remotely — that the Department of Homeland Security recommends that its users completely disable the software in their browsers.

Oracle is not alone. Adobe, which makes the popular Adobe Reader and Flash applications, has seen a significant number of security weaknesses over the years and also a sharp increase in its software’s being a gateway for cyberattacks. The risks associated with Flash were one reason Apple decided not to allow it on iPhones.

Like Microsoft, Adobe has made strides to increase the security of its technology over the last couple of years, and more recently some of those security improvements seem to be paying off. But it still has work to do.

In his 2002 memo, Mr. Gates cast the security challenge as not just a Microsoft problem, but one for the overall industry. A computer or a network is only as secure as its weakest link — no matter how secure one program might be, a poorly protected bit of software could compromise everything.

That means that on top of investing in their own security, companies have to make efforts to coordinate with other developers to present a united front. Adobe and Microsoft have worked together in recent years to identify and close off mutual vulnerabilities, and other companies should follow suit.

A lot of the talk around cybersecurity has centered on the role of government. But investing in software security and cooperating across the software industry shouldn’t take an act of Congress. It will, however, take a new mind-set on the part of developers. They should no longer see security as an add-on feature, nor should they regard holes in their competitors’ security efforts as merely a competitive advantage. As the world comes to depend more and more on their products, it should demand nothing less.