The Federal Trade Commission says it has settled charges against Microsoft in which the commission claimed that the company made false statements about security measures used to protect user data in its Passport Web service.
The FTC says Microsoft's claim that purchases made through Passport were more secure than typical E-commerce transactions did not stand up to technical scrutiny. It also says Microsoft did not employ "reasonable and appropriate measures" to protect consumers' personal data, including credit-account numbers. Commissioners also charged that Microsoft did not fully disclose the extent of personal data it collected on Passport users.
Under the settlement, Microsoft must beef up its Passport security systems and have them inspected by an independent professional every two years.
In a statement, Microsoft--which earlier this week was explaining how it's going to comply with a Justice Department order--said that it knows of "no instance where a Passport user's information has ever been compromised." Microsoft has conceded that security measures in Passport in 1999 are outdated by today's standards.
However, the company's legal woes over Passport may not end with Thursday's settlement. European privacy regulators are also looking at the software to be sure it meets their own privacy standards. They have not as yet launched a formal probe.
If only the Passport problem were Microsoft's biggest court headache. This month or next, D.C. District Court Judge Colleen Kollar-Kotelly is expected to decide whether to let Microsoft's settlement with the Justice Department on monopoly charges stand as is or amend it to include remedies sought by states that oppose the deal. Among the dissenting states' proposed remedies: ordering Microsoft to unbundle Explorer and other middleware from Windows--a move that could dramatically alter the competitive landscape in the computing industry.
Monday, Microsoft said it would make public a number of application programming interfaces and client-server communications protocols as required by the DOJ settlement.
But while some users say the move will help them develop programs more efficiently, Microsoft rivals say it does little to address their concerns and say the harsher remedies proposed by the states are the only way to level the playing field. Complains one senior executive at a Microsoft rival: "They are releasing APIs that they have already been using for a year, so we're a year behind."