Microsoft's security product hits home stretch

Microsoft plans to release its subscription security program before the summer and to challenge its main rivals on pricing, CNET News.com has learned.

Windows OneCare Live marks Microsoft's long-anticipated entry into the consumer antivirus market, which has been the domain of specialized vendors, led by Symantec and McAfee. Two years ago, Microsoft announced its intent to offer antivirus products when it bought Romanian antivirus software developer GeCad Software.

The Redmond, Wash., software giant plans to release the final version of OneCare before summer and to charge about $50 a year for the product, sources familiar with the company's plans said Monday. The company is scheduled to announce the pricing and availability details later this week, they said. A Microsoft representative had no immediate comment.

OneCare combines antivirus, anti-spyware and firewall software with back-up features and several tune-up tools for Windows PCs. Microsoft announced its plans for the service in May. Invited testers have been trying it out since last July, and a public test version was released late last year.

Current OneCare testers will receive a steep discount on the final product, sources said. As a thank-you for test driving OneCare, Microsoft is expected to give a 60 percent discount to beta testers, they said.

Microsoft will sell OneCare purely on a subscription basis--a change from the traditional box-based way of selling security software. Symantec and McAfee sell their boxed security suite products for $69.99, before any rebates, and then charge an annual renewal fee. However, both security incumbents have also been moving to a subscription model.

In addition to adding subscription options, traditional security software sellers have prepared for Microsoft's entry into the market by adding anti-spyware to their security suites. Symantec later this year also plans to introduce a security product, code-named Genesis, that will be sold on a subscription-only basis and has many of the same features as OneCare.

The global antivirus market is growing; it reached $3.7 billion in revenue in 2004, up 36 percent from 2003, IDC said in December. The market research outfit forecasts the antivirus market will grow to $7.3 billion in 2009.

With OneCare, Microsoft is targeting consumers, especially those who do not run security or have let their current product expire. It believes 70 percent of consumers fall into that category. In a recent research note, analyst firm The Yankee Group estimated the niche as a market worth potentially $15 billion.

The company plans to include Windows Defender, an anti-spyware program, within Windows Vista, the update to the operating system planned to arrive before the 2006 holiday sales season. However, there are no plans to bundle antivirus software in Vista. And given that it's expected to come out this summer, OneCare will launch before the update.

Microsoft is also eyeing the enterprise security market. It is working on a new Microsoft Client Protection product to defend business desktops, laptops and file servers against malicious code attacks.

[hfhlt004]

OneCare Inclusions

Sorry, but both MS site and articles about OneCare are unclear to the general public about the inclusion of Defender in the OneCare product.

[sneaky2]

One Care $$$

Just another way for M$ to take your money and for Bill's empire to become even more of a monopoly!

[ordaj]

Microsoft has only ONE CARE...

...making money. And this is a racket. If they make the OS less secure, they can make more $$$ from *security* products. Where's the incentive on the front end???

This should be investigated by the Justice Dept. because this just ain't right.

[Stan Johnson]

Why shoud anyone?

I like using Windows, however, why should I buy security software from the same company that make the OS so vulerable. It seems that Microsoft should make the Windows OS as secure as possible without any addition charges or hoop for consumers to jump through. I will never purchase The MS security product in protest. I have an idea! How about making the OS secure! What a rip off!

[sneaky2]

Why shoud anyone

I agree 100 %

[privatec]

Agreed

Simply astounding. How can anyone get away with selling
software to patch holes in their own product? If the take-up of
this software is good then where is the incentive for them to
make the OS more secure?

"OneCare combines antivirus, anti-spyware and firewall software
with back-up features and several tune-up tools for Windows
PCs."

Doesn't this translate as "Windows is prone to viruses and
spyware, has a firewall but it's not very good, and don't even talk
to us about the backup and tweaking tools..."

Am I crazy? Is there any decent justification for this?

[Jamie314]

Mistake!

"the update to the operating system planned to arrive before the 2005 holiday sales season."

Umm, no. I think you meant 2006 holiday sales season. I know Microsoft's Vista release is becoming a joke, but you're just being ridiculous :p

[KarenSaid]

Thanks for the catch

Sorry about the typo--it's fixed now. We appreciate your close eye on our stories.

[Roman12]

Biggest rip-off yet.

It would seem then, that if they choose to go on with this anti-virus product, that it would become more profitable for MS to not fix flaws on purpose, so their customers spend even more of their hard earned money on yet another MS product, which probably will have flaws of it's own.

I believe that this should be free because Windows itself if not free, and we paid good money for this OS.
__________________________
R.K.
www.Remove-All-spyware.com

[hfhlt004]

Windows OneCare simplicity

So either don't use Windows or buy more expensive security products from other companies, making sure they don't conflict and learn how to do your own backups........ Some of these comments would compare with "Doctors can make more money if they create more illness".

If this product does the job and is simple to use, I would buy it.

(No I'm not a techie and don't own Microsoft stock)

[Thomas, David]

Conflict of Interest

If you can be so blind as to not realize that everyone commenting against this, whether it be eloquently or not, is right on the bulls eye about this announcement.

It is a definite conflict of interest for Microsoft to even suggest selling such a product, when all they have been doing is promising how secure Vista is (going to be). Can't you smell it?

One born every minute as they used to say. "I would buy it" .... you may not be techie, and not own stock, but you should at LEAST be able to tell when you are getting royally screwed.

[privatec]

Unfortunately ...

"Some of these comments would compare with "Doctors can
make more money if they create more illness" "

Yes, this is exactly what this situation is like which is why so
many people are astounded by it. Another comparison would be
if your car turned itself off at every set of lights and the
manufacturer tried to sell you a system to keep it running
instead. There would be no need for this product if the OS had
been better designed.

The difficulty here is I suspect you are caught in the Windows
world. I've been there, when I switched to Mac OS it was an
experiment but after a week I was fully switched and actually
had a couple of times where I wondered what I would do now
that I didn't need to maintain a system. Making sure my Vaio
was secure had become a hobby.

It doesn't need to be that way.

[Stan Johnson]

You are waiting to be duped.

Microsoft presents a systemic conflict of interest in this instance. They create a vulnerable OS and then charge you for a software product, made by them, to protect it. It makes no sense for the consumer. This product should be offered free if it relates to the security problems of the OS. You must be so rich that you don't mind the rip off or the constant security problems of the OS. Get a clue and learn to be a smarter consumer or enjoy forking out your cash to those that created the security issues that you need to protect against. LOL!

[System Tyrant]

Anybody who pays for OneCare...

is an idiot.

Now I'm not saying that it's a bad program or bad idea. I'm saying that anybody who is willing to pay Microsoft to secure Microsofts products is an idiot.

I know I'm going to catch flack for that comment, but it doesn't make it any less true (or false). I just think that people who put faith in security software from a company that can't secure the software they are selling the security software for is living in a fools paridise.

[thurgoodj187]

the problem with that

is that there are a lot of idiots out there.

Moms buying computers for their teenagers, older people that don't know anything...whatever. Microsoft will make money on this product, because when the majority of people are at Best Buy getting thier toshiba the sales guys will sell it to them. They hear every now and then about virus's and antivirus software, but 75% of people don't know anything other than:

"If I have antivirus I am safe"

which is naive. Microsoft may make some money from the home markets, but I would not expect the business or technical world to waste thier money on this product.

Steve

Dr. Patches

This - Security - from the company that brings us daily patches
for their innovative and easy to use software... LOL Just another
way to rape us for our personal data. Let me guess... we need a
.net profile?

[Thomas, David]

One Glaring Question ... Maybe more

Isn't the global security software business growing because of the very OS they distribute?

Why are the trying to kill of the companies that sell software that protects the consumers that user their OS?

Didn't Allchin state, LAST WEEK, that consumers should be Vista, if for anything else, the security?

Something is seriously wrong with this picture!

[Thomas, David]

Sorry about the typo-s

eom

[Thomas, David]

One Glaring Question ... (re-typed)

Isn't the global security software business growing because of the very OS they distribute?

Why are they trying to kill off the companies selling protection software to the consumers that user their operating system?

Didn't Allchin state, LAST WEEK, that consumers should buy Vista, if for anything else, the security?

Something is seriously wrong with this picture!

[Thomas, David]

dang!

oh well, but you get my point.

[Michael G.]

Microsoft Security Suite

It seems an odd conflict of interest that OneCare plans to be introduced around the same time as Windows Vista---however, at least we can give credit to Microsoft for at least attempting to externally fix the security problems in their OS. If it came down to a choice between OneCare and Norton, I would try out OneCare. I use Microsoft anti-spyware(beta), and it's pretty good. I don't use it exclusively, but it has some nice features.

It seems to be the popular trend to rant about Microsoft, every time it attempts to create a security solution to its products. Yet this is the continuation of a security trend for Microsoft that should have occurred sooner. XP didn't get a firewall until XP SP2, and it only makes sense that an anti-spyware and anti-virus solution follow, along with added utilities, to complete the security suite.

My only problem with OneCare is that it should be offered as a free product, as Microsoft's other security products. It seems the responsible thing to do---if Microsoft created the problem by the flaws in its OS, then it should consider the OneCare security suite to be a larger form of patch.

[Earl Benser]

I echo the question....

With Alllchin bragging up the strong security aspects of Vista,
why would MS even consider a product like this????

Don't try telling me "Xp and earler OS's need it". Symantec and
Macafee have them covered in spades.

Maybe Vista has more holes than MS wants to admit?

Or is this just a product mistake by a section of MS that wasn't
paying attention to what the rest of MS was doing?

Or maybe MS is just unsure of things enough to want to cover
everything two or three times over???

[Charleston Charge]

Definitely raises questions

If MS wanted to get into this business it seems like they should have started 10 years ago, not now when Vista is due to be coming out. With the hype of Vista's security you would think this product isn't really necessary but until Vista is finally released we can only speculate on how secure it will be.

[thedevilbegone]

To keep the antitrust guys away... what else?

For every software that MS tries to implement into the OS, they are sued by a host of rival product companies in that category. Keeping this in mind the One care as a separate product does make sense. The timing is just coincidental. There is no co-ordination between the separate departments within Microsoft till the release of a product. (Only with MS Office - even the latest Beta versions are installed on most employee workstations)
For internet explorer, it was Netscape griping. For media player, it was real and music match..
And now if MS adds One care to it's OS, imagine it would be another long drawn suit from Norton, McAfee, Kaspersky, Alladin and the rest.

[Michael G.]

Titanic Questions...

If you were on Bill Gates' sinking ship concerning Windows and security, what would you do? Would you stay to the last, as Captain Gates will? Would you jump overboard? The one care we all have here is trying to keep these PCs afloat. OneCare may not be a lifeboat, but it makes for a good raft.

[Michael G.]

Question For Earl:

It seems that maybe I'm being a bit too optomistic concerning Vista and OneCare---but then again, I'm running a Windows PC...what do I have to look forward to, Earl, besides more of the same? That is, unless I get a Mac or switch to Linux.

It's a bit difficult to be optomistic about Vista, given Microsoft's past experience. But if we don't upgrade, what is there to look forward to? More problems with XP? I'm considering taking the chance and upgrading to Vista---not because it is necessarily "better" than XP, but because it couldn't possibly be worse. Or could it? This is where you raise some interesting questions. Windows XP runs pretty well if it's properly taken care of, and security issues dealt with.

Maybe we should all wait this thing out and see how this works out for Vista---let others buy it first, and if it's good, then decide to upgrade. That seems like the safest plan. I know I don't want to go through the trouble of upgrading if Vista is going to be worse, security-wise, than XP. As far as OneCare, I don't plan to use it even if I upgrade to Vista...there are better security products available.

[Stan Johnson]

Creates incentive to create poor OS security

This product provides a sick incentive to Microsoft to produce a less than secure OS. They make the unsecure OS and now they want you to BUY some more of THEIR software to protect yourself from the security problems in that Microsoft OS. Why should anybody trust this. It is a scam pure and simple. This product should be part of the upcoming OS free of charge. I like Windows and Microsoft but this is a blatant CONFLICT OF INTEREST. Microsoft, if you can't produce a secure OS you shouldn't charge for a product to protect it. What a scam!

[Macsaresafer]

Have you bought Windows?

Your purchases provide the incentives for companies to produce.
Windows has had significant security issues for at least 12 years, so
if you've bought it in that time, you voted for more of the same.
Either vote differently or accept things as they are.

[GruntboyX]

fanboyism

I rely on Microsoft products not because of stability. Stability and security are priority number 2. I need functionality. I rely on Excel daily for my job and there is no other alternative period. PERIOD. OO is not even close. The writer application is decent for wordprocessiong. But there calc/Excel equivilent is not even on par. Its graphing interface is whoefully confusing, and they dont have 10% of the graphing and data manipulating capability of excel. I am tired of open source fanboyism. yes Microsoft has its security nuances. but they are nuances. The functionaly and productivity the software offers completely counterbalances the once every 2 years i am down. I make up for it for the lack of functionality of opensource products.

Dont get me wrong there are some real jewels of OSS out there. Apache, Firefox. But majority is only 30% functional compared to microsoft or closed source equivelent.

Furthernote. I have used Windows One Care and it is simple, fast, and does the job. Norton and Mcaffee Use bloated and slow interfaces. I feel Microsoft may have gotten something right on this one.

[Stan Johnson]

Go ahead and buy it FANBOY!

Go ahead and buy it FANBOY!

You deserve it.

[privatec]

What does OneCare give you...

Okay, sorry but I have to do this.

From http://www.windowsonecare.com/prodinfo/default.aspx

? Comprehensive, integrated, automatic computer
health service

Whohoo. Sounds good.

? The Windows OneCare health meter gives you a clear,
continuous indication of your computer's overall level of
protection and performance. If Windows OneCare detects
anything that you can do to improve the health of your
computer, the service will automatically show you what action to
take and give you a one-click solution.

This doesn't sound to much more than automatically checking
for updates for firewalls and virus scanners, and Windows
update itself. All of which you already have.

? Antivirus and Firewall help protect your computer
from viruses, worms, Trojan horses, hackers, and other threats.

Windows has a firewall, does it not work properly?

? With a click of the mouse, you can directly scan
individual files and folders for viruses. You can even check
attachments that you receive through MSN Messenger for viruses
or worms.

Oooh, just like every other virus scanner in the world, which,
incidentally, Unix based systems don't seem to need.

? Trustworthy, reliable Backup and Restore

Doesn't Windows already have a backup feature or is that just XP
Pro? (Never used the home version).

? Windows OneCare Backup allows you to copy your
important files and settings to CDs, DVDs, or to an external hard
disk. Regular backups can help you protect your important data
from loss due to accidental deletion, viruses, or hardware or
software failure.

Use something like Ghost and clone your entire drive instead
because when Windows goes down hard you'll need it if you
don't want to spend all night reinstalling everything. Good
practice for any OS.

? If you use an external hard disk drive, you can
configure Windows OneCare to perform an automatic backup of
your important data as part of your regular Tune-up.

Gasp. How original! Okay, I'm deliberately mocking there but I
already have the in-built scheduler doing that on my old Vaio
laptop.

? Automated Tune-up for increased performance

Okay....

? Tune-up takes care of routine maintenance and helps
improve your computer's performance. This automated service
performs the following functions:?

? Automatically scans your computer for viruses.

Like the virus-scanner you already have (unless you're suicidal
or using another OS).

? Defragments your hard disk to help improve computer
efficiency.

Can't we already automate this? In any case it just requires a
couple of mouse clicks, the ability to defragment is built into
Windows.

? Removes unnecessary files from your computer to
increase available hard disk space.

Is this anything more than the Cleanup feature in Windows?

? Helps make sure that important security updates from
Microsoft are installed efficiently and on time.

Like setting your system for automatic updates?

? Checks for changes to your important files as well as
new files, then sends you a reminder when it's time to run
Backup.

Just run it nightly for important files. Is this even actually
referring to Windows built-in backup program?

? Automatically backs up your files for you if you use an
external hard disk drive.

You said this already.

? Continual updates provide you with the latest
technology

I'm fairly sure you said this too. Maybe not exactly.

? Windows OneCare updates itself automatically to
counteract new viruses and other threats, and also works with
Microsoft Update to help ensure that your computer is up-to-
date with the latest critical security updates from Microsoft.

Okay you definitely already said the last part and without the
first this would be worthless beyond belief.

? Windows OneCare continually updates its firewall
policy to keep ahead of hackers and make sure that your
legitimate programs have the Internet access they need.

So what does Windows firewall do?

? Windows OneCare provides continuous feature
updates to subscribers, providing you with the latest
technologies to help protect you from emerging threats. If you're
worried about a new virus or other threat, you can check for
updates yourself with a single click.

You already said this.

What the hell is anyone paying for? If you find the antivirus price
competitive then fair enough but the rest would seem to be
paying for laziness and offers Microsoft a potentially viable
business model based on selling leaky OSes.

[ITrogue]

Did you know.... Norton & Mcafee are scams?

We run norton corp edition 10.1, it WILL NOT clean spyware/adware. It marks it as Leave Alone. Reason, Symantec's major shareholder is also a share holder in several spyware/adware companies. Mcafee is no better. In Trend Micro we trust. As for an MS service... if they can't secure their OS to begin with, why would i buy their security suite???

[Michael G.]

Interesting...

You raise an interesting point. I'd like to add that Norton/Symantec is the only company that refused to remove the Sony/BMG rootkit from people's computers. My suspicion is that Symantec didn't want to lose the deal they have with Sony, because they have a deal for their products to be placed on Sony's new computers. Why spend money for that type of security? Even Microsoft decided it would remove the Sony/BMG rootkit, with its own removal tool.

[metmichallica]

Microsoft

Antispyware does the same thing.

[An0nymus]

Open source NOT the safe bet

Contrary to most people's assumptions that Windows is the only OS with vulnerabilities, the "beloved" Linux is just as ripe for exploiting. The problem is that it doesn't get nearly the press simply because it is only used by a fraction of the population. Alsways remember: Linux is written BY programmers FOR programmers.

Some useful statistics that help put it into perspective:

Reported Security vulnerabilities:
Windows XP: 2 in 2006, 45 in 2005
Fedora: 15 in 2006, 84 in 2005
RedHat Enterprise Linux AS 4: 11 in 2006, 136 in 2005
Mozilla Firefox 1.x: 1 in 2006, 22 in 2005
Microsoft Internet Explorer 6.x: 0 in 2006, 17 in 2005

That is but a mere taste to illustrate that it is the Open Source community, NOT Microsoft (contrary to popular believe) that has the higher number of reported security vulnerabilities. Thes stats are taken from http://secunia.com (sorry...not affiliated with Microsoft as you were hoping).

Has anyone bothered to read other headlines of today: "Sun Microsystems issued a patch Tuesday to address seven "highly critical" flaws in its Java Runtime Environment that could allow a malicious attacker to gain remote control over a user's system." The major flaw opens up Windows AND Linux (as well as Solaris) to hackers. This is not a flaw inherent to Microsoft...sorry, you militant posters. A security package such as Microsoft's OneCare (Or Symantec or McAfee or whatever product you choose) is a line of defense against this. After all, I doubt many "non techie" users will visit Sun's site to download a patched version of Java and close this door to hackers. So for all you fanatical Microsoft haters, find something else to gripe about.

[solarflair]

Vulnerabilities will always be present.

Yes fedora had several security issues, but these 15 or so included core 1 through 4 and most were buffer over-flows which by design will not allow a typical user to be at risk unless logged in a root on the system. Your are correct, no os is one hundred percent secure, but GNU/LINUX is far more secure than xp sp2 or 2000 or their server line up. The FOSS community differs in that they find and resolve explots and make available patches sometimes within hours they are discovered. Yes Sun Microsystems have had some problems with java runtime environment. The secunia.com site a good at reporting on vulnerabilities to all os's. Also note that Core 4 and the beta of fedora core 5 came out during the 2005. Fedora releases a bleeding edge version about every six months. Having said this, I must say that those statistics are somewhat misleading to the novice.

[wakizaki]

You don't get it...

It is not how many flaws an OS has but how fast these flaws are fixed. The open source world, fixes are fast and frequent (in form of patches or software revisions). Most open-source OS users are tech-savvy people that knows basic to advanced security techniques. If you own a computer (or maybe even one is just a average user), security should also be a concern.

[System Tyrant]

IE.

I don't disagree with you at all outside of the fact that I think Linux is as secure if not more secure than Windows. Your examples don't take into consideration how many flaws are on going, their severity, or how many are known to the company, but not released to the public.

Anyway, I actually just came to comment on IE. IE hasn't really been updated in a lot of years. I guarantee that if Opera or Mozilla didn't update their software, but only fixed security problems for five years they would probably be flawless as far as security goes.

Just something to keep in mind about statistics like the ones you posted. They don't tell you anything. Sure you can look at them an say that Microsoft had less reported vulnerabilities than Linux or other Open Source software, but it doesn't show context.

[hansong]

Major Scam

If were not for scriptkiddies, crackers and worm writers, all those leeches (antivirus companies) would starv.
They thrive and make millions thanks to Microsoft's shoddy Operating System, and now, the Shame of the Shame, Microsoft DARES to charge people who buy his crappy Windows and Vista Systems for getting protection?

Shame on you Microsoft!

I will never ever buy a MS software ever.... and guess what... I bet that the MS antivirus/firewall and whatever else, will be as lame as the MS operating system is.

When you PURCHASE software you have high expectations at quality and security.

Customer support? Dig your wallets ladies and gentlemen to get paid access to Microsoft Antivirus Technicians.

Microsoft Operating System: around $200.00
Microsoft Antivirus: $50.00 subscription to protect the $200.00 investment
Microsoft Customer Support: $ 25.00/ hr call to get help on Antivirus borks.

Can anyone say Good Bye MS? I can.

[Leekolas]

The cost for me.

Is only about $200.00 for the OS. I get McAfee free through the campus IT department, and once I graduate I'll switch to ClamAV for my virus protection needs. I don't need to pay for tech support because I don't start crying when I don't immediately know how to do something.

Not that I wouldn't mind not paying for the OS, but the two alternatives don't exactly support my computer needs.

Not really

"Dig your wallets ladies and gentlemen to get paid access to Microsoft Antivirus Technicians. Microsoft Operating System: around $200.00..."

You can get XP Home for under $100 on NewEgg, and there are plenty of free Anti-Virus programs. Also tech support isn't needed, since most of the time with a little patience you can undo whatever you screwed up.

[sneaky2]

Microsoft empire

Just another way for M$ to take your money and for Bill's empire to become even more of a monopoly!

[aabcdefghij987654321]

DO NOT TRUST THIS PRODUCT!!!!!

So now, every piece of M$ software is full of security vulnerabilities and now they introduce a security product? I haven't had a laugh this good in a long time. There is no such thing as an e-mail virus, only a Microsoft Outlook virus. No macro viruses, only Microsoft Office macro viruses. Microsoft has introduced viruses in to every file format short of text files, but I heard they are working on that one too. The single most effective thing you can do to protect yourself is to never use Microsoft products. Period. To all you Microsoft product using weenies; I'm getting tired of defending myself from the crapola that comes out of your Microsoft software and PCs. Please find alternatives, you'll thank me later once you've realized all the stability you've been missing out on also.

[TheOneAndOnlyBob]

"Anti-MS" Fanboy for sure

Yeah - I'll take the word of an Anti-MS fanboy anytime.

In the real world, people write viruses and spyware for the biggest impact - against the largest user base. That's why MS is hit, not because of the petty anti-MS fanboy ideologies that are out there.

[Stan Johnson]

Systemic conflict of interest!

They make a vulnerable OS and now they want to sell you products to make it safe. Makes no sense for the consumer. It is a scam and a rip off.