On MS, AV and Addictive Updates

All your security updates are belong to us

Microsoft's surprise decision this week to buy the antivirus business of little-known Romanian firm GeCAD Software is part of a plan to get users "addicted to WindowsUpdate".

Redmond has long toyed with the idea of delivering security patches for its product alongside their own updates for virus definition files. This sounds fine until you consider the problems that can arise when a patch has a negative effect on systems.

Nonetheless, Rob Rosenberger, antivirus industry gadfly and editor of Vmyths.com, believes Microsoft wants to combine WindowsUpdate with an AV system embedded in Windows itself. Microsoft hints as much when it says "work will be done to help increase today's limited percentage of customers that are protected with updated antivirus signatures".

Rosenberger comments: "Microsoft want end-users to get addicted to WindowsUpdate, and they believe they can do it by adding relentless antivirus patches to it."

PR damage limitation

Such a move could help Redmond deflect some of the criticism it gets when new prolific viruses appear, Rosenberger argues.

"Microsoft has long envied the antivirus industry because they can issue hundreds of patches per year, per product, without complaint and include fixes for critical security holes in their products without telling users about it," he cheekily notes.

According to Rosenberger, Microsoft will give the industry a big reason to bring innovative technology, such as better pro-active detection of new viruses, to market.

"I doubt it, but it might even break the cartel's grip on antivirus software," writes Rosenberger, warming to his theme.

"Antivirus technology has stagnated for years under the cartel's reign. Microsoft's entry into 'their' turf could force them to market much better technology, strictly as a competitive move," he adds.

Initially, AV vendors (AKA the cartel) are likely to play a wait and see game, Rosenberger says.

"I strongly suspect the cartel won't move quickly on this matter. If they're smart, they'll wait to see if Microsoft screws up like they did years ago with Central Point."

Here's one we did earlier

Readers with longer memories will remember that Microsoft bundled a cut-down version of an AV package from Central Point with Windows 3.1 and DOS 6.

However the technology proved unreliable and was ditched when Windows 95 debuted.

This time around things will be different, Rosenberger believes.

"Microsoft has a plan for its new acquisition, and they specifically want to exploit the Addictive Update Model. Microsoft had NO plan years ago when they linked up with Central Point, and they never anticipated the ongoing requirements for an Addictive Update Model," he writes.

Ray Lewis, General Manager for Western Europe at digital security specialist Aladdin Knowledge Systems, agrees with Rosenberger that Microsoft is looking to integrate this anti-virus technology into future versions of Windows operating system. The likelihood that Microsoft begins charging for the virus signatures updates subscription will send shockwaves through the industry, Aladdin believes.

"All the major anti-virus players that get the majority of their revenues from selling desktop and enterprise anti-virus solutions will be directly competing with Microsoft. This will force anti-virus vendors to diversify or die," said Lewis.

"The market will need to evolve fast. One obvious path would be to focus on gateway (rather than desktop) solutions or investigate other digital security options such as spam control."

Against this, many argue that Microsoft's decision to bundle a firewall product with XP has not sounded the death knell for the personal firewall market.

Desktop AV vendors are highly unlikely to hand over the market to Microsoft without a long fight. ®

Related Stories

Microsoft enters AV market
MS relieves patching 'pain point'
Microsoft mulls patch distribution with AV updates
Bugbear sequel spells fresh misery for Windows users
VX writers release sequel to infamous Sobig worm

External Links

Rob Rosenberger explains the AV industry's Addictive Update Model
Is Microsoft's decision to buy an AV firm in the former Soviet bloc a threat to US national security? (another of Rob's entertaining rants)

Sponsored: Network DDoS protection