The lawsuit comes in the wake of two major viruses that took advantage of flaws in Microsoft operating systems.
Filed on Tuesday, the suit also claims that Microsoft’s security warnings are too complex to be understood by the general public – instead it gives hackers detailed information on how to exploit the flaws in the operating system.
Attorney Dana Taschner of Newport Beach, California, filed the lawsuit on behalf of Marcy Levitas Hamilton, a film editor and "garden variety" PC user who had her social security number and bank details stolen over the Internet.
"Something fundamental has to change to protect consumers and businesses," Taschner said.
The lawsuit, which could include millions of plaintiffs if allowed to proceed as a class action, seeks unspecified damages and legal costs, as well as an injunction against Microsoft barring it from alleged unfair business practices.
Microsoft, which received and reviewed the complaint, said it would fight the attempt to certify the lawsuit as a class action.
'Wait a second, if you are going to put out software that needs be patched three times a week, take responsibility for it'
Ex-head of US Department of Justice computer crime unit
"This complaint misses the point. The problems caused by viruses are the result of criminal acts by people who write viruses," said Microsoft spokeswoman Stacy Drake, adding that Microsoft was working with authorities to bring malicious code writers to justice.
But the lawsuit will most likely refuel the debate over whether the software industry should be accountable – as other companies such as automakers – for their end product.
"It's obvious Microsoft does not bear 100% of the responsibility for these problems, but it's just as obvious that they don't bear 0%," said Bruce Schneier, chief technology officer at Counterpane Internet Security.
"This represents the first salvo for consumers to say to software makers 'Wait a second, if you are going to put out software that needs be patched three times a week, take responsibility for it,'" said Mark Rasch, a former head of the US Department of Justice computer crime unit, now with security firm Solutionary.
But with about $49 billion in cash and more than 90% of the market in PC operating systems, Microsoft has long been seen as a potential target for massive liability lawsuits.
But the company, which has been moving to settle anti-trust claims that it abused its monopoly on PC software, has been seen as shielded from liability claims by disclaimers contained in the licenses that users must agree to when installing software, according to experts.