X
Tech

Microsoft's AV success may lead to PR disaster?

Microsoft launched its Windows Live OneCare antivirus package in the US earlier this year and instantly grabbed about 15 percent of the retail market; although this may be good for short term revenue, it could completely wreck everything the software giant has invested in improving its reputation for security.For the past few years, Microsoft has been banging the "trustworthy computing" drum, which has involved rewriting and redesigning its platforms and applications to make them more secure.
Written by Munir Kotadia, Contributor

Microsoft launched its Windows Live OneCare antivirus package in the US earlier this year and instantly grabbed about 15 percent of the retail market; although this may be good for short term revenue, it could completely wreck everything the software giant has invested in improving its reputation for security.

For the past few years, Microsoft has been banging the "trustworthy computing" drum, which has involved rewriting and redesigning its platforms and applications to make them more secure. When trustworthy computing was first launched by Bill Gates in 2002, Microsoft's army of developers were initially told to stop creating new features and instead focus on removing existing vulnerabilities in its products.

Now the company has had more than four years to improve its code and harden its products, Microsoft has launched itself into the lucrative antivirus market -- and made an immediate impact.

The only problem is that in recent months, it has become obvious that malware authors are testing their viruses and Trojan horses against the most popular antivirus applications as a form of "quality control" before releasing their creations into the wild.

This is where the actual depth of Microsoft's security expertise -- as well as the loyalty of its OneCare customers -- will be tested to the limit.

So how will Microsoft's antivirus application deal with threats such as Haxdoor, which is a nasty Trojan that recently hit the headlines after infecting 35,000 computers worldwide -- 10,000 of which were in Australia?

According to AusCERT, Haxdoor spreads via e-mail and uses rootkit technology to hide from security applications. When it was first released, it was undetectable by most antivirus software because it was almost certainly tested against the most popular brands.

So how could you tell if you were affected? The simple answer is, you couldn't

On its Web site, AusCERT warned that "due to the stealthing (rootkit) and antivirus disabling capabilities of this malware, a clean scan with an antivirus product may not guarantee that you are free from infection".

So even if you had an updated antivirus product, once Haxdoor has installed a rootkit and hidden behind it, AusCERT advised that "re-installation of the operating system from the original installation media is the only way to be confident that all traces of the malware has been removed".

Even Microsoft's mighty PR machine is unlikely to be able to defend the company's reputation if its customers find themselves infected by a Trojan or virus even after buying into Microsoft's OneCare security offering.

Over the next year -- and possibly an awful lot sooner -- the quality of Microsoft's security package will be tested to the full. If it is not at least as good at protecting Windows as products from rival security vendors, then all the progress made in improving Microsoft's reputation for security will have been wasted.

Editorial standards