Microsoft Defends Security Approaches
January 28, 2005

For many online users, the thought of Microsoft jumping deeper into the computer security software game might seem a welcome and logical respite aimed at helping rid their lives of spyware, malware and worms trolling the Internet.

But as more research firms point to a steady growth of users abandoning Microsoft's Internet Explorer browser in favor of Firefox and others, security analysts see a new effort by Microsoft to ramp up security offerings in order to nip the erosion. Anti-virus vendors, meanwhile, see a potential new competitor in the sector.

"There is a lot going on but it seems obvious they'd like to stop these defections," John Pescatore, a Gartner research fellow, said of Redmond's recent activity.

Those initiatives include last month's purchase of anti-spyware company Giant Company Software, signaling Microsoft's determination to gain a measure of control over security breaches that have plagued IE and its ubiquitous Windows operating system. Just weeks after the purchase, the company rushed out a beta of Giant's anti-spyware tool, which includes spyware removal tools.

In addition to the spyware-sniffer beta offer, Microsoft has reportedly mulled a plan to sell anti-virus software. It also recently began deploying external testers under its Security Update Validation Program in order to bolster its monthly patch program by bringing on select patch testers.

The timing of the releases has security analysts and anti-virus vendors questioning how much heat Redmond is feeling.

Gytis Barzdukas, a marketing manager in Microsoft's security business and technology unit, said the bottom line is that the company is addressing customers' needs with its security initiatives. This includes its ongoing Trusted Computing initiative, working with anti-virus vendors, free spyware removal tools and an enhanced external patch program.

"We've hardened the operating system with SP2 [service pack 2]," which includes enhancements to security with IE, he said.

As for Microsoft's malicious software removal tool, it is designed to complement existing anti-virus offerings, which scan and protect users' computer systems.

Despite a rather negative review of the anti-spyware beta by Walter Mossberg of the Wall Street Journal recently, Barzdukas said reaction has been largely positive. In his column, Mossberg wrote that he "could not recommend it." He noted that built-in defaults drive the user to MSN, which "smacks of the same kind of coercion the spyware authors are using."

Pescatore said his main issue with the beta tools is that they only work with Internet Explorer.

"If they want to bring this to market, they are going to have to have it support Mozilla, especially if they wanted to sell the software to enterprises," he said. "They've got it baked into their DNA that everything defaults to MSN. If they expect to sell it as an enterprise product, they need to change also."

Barzdukas said Microsoft may address such default issues in a subsequent beta of the product. In addition, he said, the criticism is somewhat premature, especially for an early beta of the product.

"We're doing a lot of work on this," he said. "Spyware is a growing problem. It's everywhere. That's part of the reason we rolled out the beta within 21 days of acquiring Giant. We felt it was important enough to put it out there. That's the whole concept of a beta."

The numbers also speak volumes, he added. Microsoft's spyware removal tool has seen over three million downloads since its release earlier this month.

"This is really about making sure we can scan and remove viruses already on a machine."

The products could also signal a bigger shift into the anti-virus software business, say security analysts, which would put Microsoft in direct competition with major anti-virus and security vendors such as Symantec and McAfee, Microsoft's sometime business partner.

Bill Kerrigan, senior vice president of the consumer division at McAfee, said his company is capable of thriving under the pressure of new competition -- even if it is from Microsoft -- but admitted anyone would be crazy not to be concerned once a major company takes aim at your marketplace.

"We are hearing from both partners ... and from customers, they do not want to manage a portfolio," he said, alluding to the competitive advantage his company's all-encompassing multi-layered protection IntruShield would have over multiple tools from Microsoft. "It has to be comprehensive but very easy to use."

But he also said Microsoft's entrance into the market would create consumer awareness, bringing about more business. Still others warn that Microsoft could quickly figure out a way to drive that business back to its Redmond campus.

One chief complaint repeated numerous times about the beta is that Microsoft is selling a product (Windows) that is often the root of security problems, and is mulling selling a product that is intended to remedy those problems.

"It's a bit like selling the radar gun to the police and then the radar detector to the speeder," said Shane Coursen, senior technology consultant with Kaspersky Labs. Coursen said it was logical to assume that Microsoft was hearing the footsteps of alternative browsers and operating systems threatening its dominant market share.

Thomas Kristensen, of Secunia, echoed this theme, saying Microsoft ought to give IE security the highest possible priority and that it should ensure the time between discovering vulnerabilities and issuing patches for them decreases.

Barzdukas said Microsoft's Security Update Validation Program is a new process to its patch program that includes working with a set of customers to make sure patches are issued in a timely manner without breaking applications.

"We just can't throw a fix out there without testing it. We have software running on hundreds of millions of computers. This is to make sure the cure is better than the pain customers are feeling," he said. It is also to make sure that customers get an opportunity to run a test of the patch before it's released, he added.

As for the recent anti-spyware features, Microsoft has a relationship with the entire security industry via the , countered Barzdukas. The mission of the group, which counts security software vendors as members, is to "educate and protect Microsoft customers against the threat of malicious code attacks as well as emerging Internet threats."

"We talk to these vendors on a daily if not a weekly basis, and we'll continue to work them," he said. "Our recommendation is to have a firewall and anti-virus software running, sign up for updates and make sure users are running current anti-virus software."

Erin Joyce contributed to this story.