CONNECTED COMMENT (27/01/05)
Two years ago news that Microsoft had acquired the Romanian software
company GeCad sent cold shivers through the anti-virus software industry.
Seasoned Windows watchers merely exchanged a few wry grins since it is the
vulnerabilities in Microsoft products, like Internet Explorer and Outlook
Express, which are targeted by most of the thousand or so new viruses unleashed
on the Internet every month.
Rumours that Microsoft would at some point include an anti-virus
program in future releases of Windows XP have so far proved groundless, much to
the relief of companies like Symantec, Network Associates, Trend Micro and
Sophos, though it is clear that the Redmond giant is now responding to criticism
that it hasn’t taken the problems of computer viruses seriously enough and has
finally started to put some flesh on the bones of its Trustworthy Computing
Initiative, first outlined by Bill Gates 2002.
Within the past few weeks, and without any of the usual razzmatazz,
Microsoft quietly released two products designed to help reduce the deluge of
viruses and ‘malware’ sloshing around the web.
The first to appear was a utility called AntiSpyware (see F!F!F! for
more details). This seeks out and destroys the nasty little programs that ride
piggyback on Internet pages, generating pop-up advertisements or hijacking PC
users ‘Home Pages’ and redirecting them to pornographic websites.
Spyware ‘killer’ programs are hardly new, there are dozens of them,
including quite a few that carry their own malware payload or give ‘false
positives’ in an attempt to scare users into buying them. But for a change the
Microsoft offering -- currently in the pre-release ‘Beta’ testing stage -- has
received nothing but praise from those that have tried it.
It has proved highly effective at eradicating a wide range of malware
infections, including several that other programs leave behind. It also flags
up, as potentially harmful, peer-to-peer music sharing software, like Kazaa and
Groskster, which have long provided an open conduit for viruses and adware
programs. Microsoft hasn’t yet said whether it will remain free to users but
the indications are promising and its distribution would certainly work well as
a public relations exercise and help to repair its tarnished image.
The second and potentially more interesting program is codenamed
‘Titan’ and this was released two weeks ago, on January 11th. That date is
significant; the second Tuesday in each month is known in the trade as ‘Patch Tuesday’, when Microsoft distributes
its security updates. This indicates there will be an on-going program of
updates for Titan, designed to keep Windows XP computers clear of new threats,
in much the same way as third-party anti-virus software.
Contrary to some expectations Titan, now officially known as the
‘Microsoft Malicious Software Removal Tool’ is not an anti-virus program in the
traditional senses in that it doesn’t scan incoming files and downloads for
infections. Instead it addresses the more worrying problem of the estimated
two-thirds of Windows computers that currently do not have any effective
antiviral measures and the millions that are already infected.
Titan checks the computer’s hard drive looking for a comparatively small
number of the most virulent viruses and the changes they make to critical
system files. If any are found the virus file is deleted and the changes are
undone. Titan’s highly focused targeting of specific infections means that it
is blindingly fast and on most recent PCs a full scan should take no more than
a few seconds.
Microsoft is careful to stress that Titan is not a substitute for a
full-blown anti-virus program; clearly mindful of the outcry it could create.
Nevertheless the stock value of several security software companies dipped last
week as soon as news of Titan’s release became known.
There is little doubt that Microsoft is working towards a more
comprehensive anti-virus package and there’s speculation that it is keen to
acquire a more high profile name in the anti-virus software industry. But even
if this were to happen it is unlikely that a Microsoft branded anti-virus
package would reach the market before the release of its new operating system,
codenamed ‘Longhorn’. This is still at least a year away and it would be a
natural home for a fully integrated program. It will also give Microsoft and
the security industry time to prepare for the inevitable slew of
anti-competitive lawsuits that would coincide with such a move. More details
and a download link to the Malicious Software Remove Tool can be found by
typing ‘KB890830’ into Google.
Ó R. Maybury 2005 2001