Microsoft adds security muscle

Microsoft may be a desktop software powerhouse, but when it comes to security tools it is still bulking up.

The Redmond, Wash., software giant announced this week that it is setting up security response and research operations in Ireland and Japan and launched a preview of a new online Malware Protection Center. The efforts are meant to make Microsoft, a security industry newcomer, more competitive.

"This is significant. It is part of the globalization of our research and response effort," Mark Miller, director of communications for security response at Microsoft, said on Wednesday.

Microsoft is taking on incumbents such as Symantec, McAfee and Trend Micro, the world's top three antivirus companies, to conquer part of the multibillion dollar security market. Industry watchers say Microsoft has done an impressive job building its security organization, though the scaffolding has yet to come off.

"Microsoft is entering a very competitive market and one that is new to them," said Andreas Marx, an antivirus software specialist at the University of Magdeburg in Germany. "It will take several more months until Microsoft's products can be directly compared with those offered by Symantec, McAfee and Trend Micro."

Others think it will take much longer.

"It will take some years, perhaps five, for Microsoft to be up to par," said Andreas Clementi of AV Comparatives, an organization that tests antivirus products. "Microsoft's detection rates are still low compared to other products. OneCare today is more of a system utility." Clementi was referring to OneCare's backup and disk clean-up features.

Together with a team in Redmond, Wash., Microsoft's new Europe and Asia research locations will offer round-the-clock coverage of security incidents. Microsoft started selling its Windows Live OneCare consumer antivirus product almost a year ago. Its Forefront Client Security software for businesses is set to ship in the coming weeks.

The security research and response team at Microsoft, as at traditional antivirus providers, investigates and responds to threats. A primary response is developing the "fingerprints" of known threats, called signatures. These are then sent to customers so their machines can be protected against those risks.

Turning irritation into opportunity
Security used to be just something that Microsoft got hammered on, but five years after Chairman Bill Gates launched his Trustworthy Computing push, Microsoft now sees it as a market it had not previously tapped. Yet, the company recognizes that some may balk at what could be seen as Microsoft turning lemons into lemonade.

"Some of our customers view this a little controversially, in a sense that if we could solve these problems at the root, why is there a need for extra products," Microsoft Chief Executive Officer Steve Ballmer said this week. "We do live in a world in which the bad guys are also getting smarter all the time. It is important to be able to lock the core infrastructure and then protect around it in a way that is a bit more dynamic."

[imacpwr]

Just another MS Band-aid fix..

This is the equivalent of a doctor applying a band-aid to a patient <br />with a severely broken arm..<br /> Before they add a band-aid they need to rip out the guts (dump <br />the works) and fix (create a whole new OS) the underlying <br />framework of Windows..

[Penguinisto]

I'll believe the hype when they ditch the NT core.

Until they ditch the NT microkernel architecture and/or codebase for something better, it's all just air and vapor coming out of Redmond.<br /><br />The underlying NT architecture was never made for the uses its being put towards today, as evidenced by Vista and its ungodly high requirements. Exploits are now coming out (almost) daily for even Microsoft's latest and greatest offering... nearly all of the flaws and means are based on inherent problems with the underlying architecture and codebase.<br /><br />To be honest, it's sad and pathetic that an anti-virus industry should be a "multi-billion dollar" one. In a better world, A/V companies would be niche players at best. But... when you've got a swiss-cheese operating system used by zillions, well, this is what comes of it.<br /><br />It's damned sad when an OS maker looks to cash in on fixing their own deficiencies, instead of doing their best to prevent and eliminate them [i]in the first place[/i]...<br /><br />Quality control? Nah - it's easier to pass on the bugs as potential profit for Microsoft's other division; you know, the anti-malware one.<br /><br />Damn am I glad I ditched that OS years ago...<br /><br />/P

[lkrupp]

You gotta hand it to Microsoft...

They figured out how to make even more money on their defective <br />software. So here's how it goes. First build an operating system so <br />full of holes a truck can drive through it. Then set up an entirely <br />new business model to charge customers money to protect them <br />from the defective software you originally created all the while <br />telling your victims how much you care about them. Now THAT's <br />what I call double dipping.<br /><br />My hat's off to you Steve Ballmer. It's frickin' genius

[Sparky672]

Ballmer nails it!

Quoting: ~ "Some of our customers view this a little <br />controversially, in a sense that if we could solve these problems at <br />the root, why is there a need for extra products," Microsoft Chief <br />Executive Officer Steve Ballmer said this week. ~<br /><br />Brilliant.<br /><br />Most people have a little safety switch between the brain and <br />mouth. Ballmer's is broken.

[MSSlayer]

Ballmer has a brain?

I thought he was a robot

[GGGlen]

Thesis, antithesis, synthesis

Create a problem, offer a solution to that very same problem, then <br />bask in the glory of being called a "security powerhouse"/<br />'scuse me while I go off and retch

[timber2005]

Ok now seriously

Though as you are trolling on C|Net new posts... one can therefore make a fair assumption brain usage is optional a serious amount of your life... opps sorry for big words.<br /><br />"Logically" speaking (google logically if you are clueless), do you think (same for the word think) Microsoft would actually ship a product on purpose with holes. Really? Or do you think its 400 lb, generally worthless people, sitting at home, coding away to attack hundreds to millions of people. And even if you DO think its the first... that Microsoft intentionally does that... the second is probably much more prevalant. (Heck, look at the bloody ANIMATED CURSOR flaw. What kind of loser had to find that and make themselves famous?)<br /><br />I'll agree the NT core isn't "the right engine belt" for today's computers. Time for a new one.

[Kenny Yeung]

About the new core

I agree that =]<br /><br />lets see can Windows 7's sandbox mode does

[Penguinisto]

Never ascribe to malice...

...what can be more correctly ascribed to incompetence.<br /><br />To wit:<br /><br />"[i]do you think (same for the word think) Microsoft would <br />actually ship a product on purpose with holes. Really?[/i]"<br /><br />On purpose, as in engineered? Nope - but it would certainly <br />remove any pressure to squash bugs so as to meet the <br />deadlines, wouldn't it? <br /><br />"[i] Or do you think its 400 lb, generally worthless people, sitting <br />at home, coding away to attack hundreds to millions of people[/<br />i]"<br /><br />Considering that those "400 lb. generally worthless people" <br />stand to make a shedload of money off of selling time on their <br />freshly created botnets (consisting of a huge pile of you <br />Windows users)? I'd say they have a HUGE incentive in coming up <br />with new and interesting flaws to get hold of your box, and <br />thousands of boxes just like yours. <br /><br />"[i]Heck, look at the bloody ANIMATED CURSOR flaw. What kind <br />of loser had to find that and make themselves famous?[/i]"<br /><br />A more correct question would be this: What kind of loser would <br />code a [i]mouse cursor[/i] handler to crawl that deep into the <br />microkernel and potentially cause that much damage?<br /><br />How's that for cold logic? <br /><br />/P

[n3td3v]

microsoft's losing battle

they microsoft maybe protecting their own bugs, but what software is going to protect us from the protection software?<br /><br />you guys say "he he microsoft is making money out of their own bugs!", but guys, their protection software _will_ be buggy too and will be hacked by the underground.<br /><br />this isn't a solution, its more microsoft software added to the stock pile of broken code.<br /><br />enjoy the honeymoon, microsoft security software will break your computer further than it is already.<br /><br />expect "patch tuesday" to come along with patches for protection software which is ment to prevent hackers, not add to the onslaughter of global insecurity amoung the fleet of microsoft products...

[Leria]

Hate to point this out

But Symantec's software, McAfee's software, etc. have ALL been cracked at some time.<br /><br />Second, Microsoft does not have BROKEN code. The code does what it is supposed to do but it also does some things that it is NOT supposed to do when exploited by people with nefarious intentions.<br />That is something that Microsoft can do little if anything about in the real world, since code has gotten so complex that no one person knows everything about it.

[Kenny Yeung]

Reminder

Just want to remind everyone. <br /><br />As I see, more than 99% virus is caused by users dowload BT, movies or keygen...<br /><br />If people do have Windows Vista with all updates, I am quites sure that no people will get any virus, because Internet Explorer protected mode prevent anything "write" to HD.<br /><br />In Windows Vista and Windows XP, Microsoft Offers Windows Defender that put spywares out of the way "free", so there is non-sence to say Microsoft will make their software more holes for virus/spyware and the UAC did prevent virus running from PC.<br /><br />Microsoft did admit their software have problem and I agreed that no software is perfect (even Mac OS / Linux).<br /><br />In someday I sure hackers will find the hole in UAC / Defender so do any software does...<br /><br />Everyone is hoping a pain free computer future...<br /><br />P.S. I am a Microsoft Fan Boy, I don't afraid to admit that... Some people like Google, some people like Yahoo... I can tell u that everyone do love something...<br /><br />From time to time I think some anti-virus company develope some virus...

[MSSlayer]

lol

Even an up to date system is exploitable. Attackers are always ahead of MS, or any company for that matter. Then add in MS's normally long patch process and you have very exploitable situation.<br /><br />If a black hat finds a flaw first(very common) it is exploited before a patch is out, before they even start trying to fix a problem.<br /><br />It is like AV software. If I write a virus today, the AV scanners are not going to find it(unless it was poorly written, and just copies older virus code) for quite some time. First someone has to discover my virus, then report it, then someone at an AV company has to research it, then write the code needed to detect it. Meanwhile, if I wrote the virus to do so, it could be rapidly propagating itself and causing untold amounts of grief, and this is while you are feeling secure with your up to date windows box running up to date virus scanners.<br /><br />People get viruses for one reason: they use Windows.<br /><br />The same behavior you describe in a user using OSX or Linux would not cause them to get infected. They would also be safe from my fictional virus.