Feeds

On MS, AV and Addictive Updates

All your security updates are belong to us

  • alert
  • submit to reddit

SANS - Survey on application security programs

Microsoft's surprise decision this week to buy the antivirus business of little-known Romanian firm GeCAD Software is part of a plan to get users "addicted to WindowsUpdate".

Redmond has long toyed with the idea of delivering security patches for its product alongside their own updates for virus definition files. This sounds fine until you consider the problems that can arise when a patch has a negative effect on systems.

Nonetheless, Rob Rosenberger, antivirus industry gadfly and editor of Vmyths.com, believes Microsoft wants to combine WindowsUpdate with an AV system embedded in Windows itself. Microsoft hints as much when it says "work will be done to help increase today's limited percentage of customers that are protected with updated antivirus signatures".

Rosenberger comments: "Microsoft want end-users to get addicted to WindowsUpdate, and they believe they can do it by adding relentless antivirus patches to it."

PR damage limitation

Such a move could help Redmond deflect some of the criticism it gets when new prolific viruses appear, Rosenberger argues.

"Microsoft has long envied the antivirus industry because they can issue hundreds of patches per year, per product, without complaint and include fixes for critical security holes in their products without telling users about it," he cheekily notes.

According to Rosenberger, Microsoft will give the industry a big reason to bring innovative technology, such as better pro-active detection of new viruses, to market.

"I doubt it, but it might even break the cartel's grip on antivirus software," writes Rosenberger, warming to his theme.

"Antivirus technology has stagnated for years under the cartel's reign. Microsoft's entry into 'their' turf could force them to market much better technology, strictly as a competitive move," he adds.

Initially, AV vendors (AKA the cartel) are likely to play a wait and see game, Rosenberger says.

"I strongly suspect the cartel won't move quickly on this matter. If they're smart, they'll wait to see if Microsoft screws up like they did years ago with Central Point."

Here's one we did earlier

Readers with longer memories will remember that Microsoft bundled a cut-down version of an AV package from Central Point with Windows 3.1 and DOS 6.

However the technology proved unreliable and was ditched when Windows 95 debuted.

This time around things will be different, Rosenberger believes.

"Microsoft has a plan for its new acquisition, and they specifically want to exploit the Addictive Update Model. Microsoft had NO plan years ago when they linked up with Central Point, and they never anticipated the ongoing requirements for an Addictive Update Model," he writes.

Ray Lewis, General Manager for Western Europe at digital security specialist Aladdin Knowledge Systems, agrees with Rosenberger that Microsoft is looking to integrate this anti-virus technology into future versions of Windows operating system. The likelihood that Microsoft begins charging for the virus signatures updates subscription will send shockwaves through the industry, Aladdin believes.

"All the major anti-virus players that get the majority of their revenues from selling desktop and enterprise anti-virus solutions will be directly competing with Microsoft. This will force anti-virus vendors to diversify or die," said Lewis.

"The market will need to evolve fast. One obvious path would be to focus on gateway (rather than desktop) solutions or investigate other digital security options such as spam control."

Against this, many argue that Microsoft's decision to bundle a firewall product with XP has not sounded the death knell for the personal firewall market.

Desktop AV vendors are highly unlikely to hand over the market to Microsoft without a long fight. ®

Related Stories

Microsoft enters AV market
MS relieves patching 'pain point'
Microsoft mulls patch distribution with AV updates
Bugbear sequel spells fresh misery for Windows users
VX writers release sequel to infamous Sobig worm

External Links

Rob Rosenberger explains the AV industry's Addictive Update Model
Is Microsoft's decision to buy an AV firm in the former Soviet bloc a threat to US national security? (another of Rob's entertaining rants)

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.