News

Microsoft Posts Beta of AntiSpyware Tool

• By Scott Bekker
• January 06, 2005

Analysts generally applauded Microsoft's decision to shoulder more responsibility for protecting users from spyware but warn enterprise customers that the new Microsoft software is on a par with consumer-grade, not enterprise-grade, anti-spyware offerings.

The official name of the new product is Microsoft Windows AntiSpyware. It is designed for use on Windows 2000, Windows XP and Windows Server 2003. The software is designed to detect and remove spyware and provide real-time protection from spyware.

The tool works by scanning the computer's memory, files and registry and comparing what it finds against a database of thousands of spyware signatures. After confirming detection of known spyware, the tool also removes the spyware. Sources of the signatures are a large professional and volunteer network called the SpyNet Anti-Spyware Community and Microsoft researchers.

In addition to the system scan, the always-on component employs real-time protection agents that monitor more than 50 security checkpoints for changes commonly made by spyware. Once a change is detected, the Windows AntiSpyware tool prompts the user on whether the offending program should be removed.

Spyware has only recently become viewed as a major security, privacy and usability threat on par with other problems like anti-virus and spam. In November, IDC estimated that as many as 67 percent of consumer PCs are infected with spyware. Spyware is generally defined as unwanted software that is downloaded without the users' knowledge or consent. Common types of spyware include adware; programs that track a user's movements on the Internet; programs that change search results to redirect users to malicious or advertising sites; and, most ominously, keystroke loggers, which can record passwords and account numbers.

Microsoft also portrays spyware, which can impede system performance and cause crashes, as a burden on its support infrastructure. "We believe that spyware is directly responsible for more than a third of the application crashes on Windows XP reported to Microsoft," Mike Nash, corporate vice president of the security business and technology unit at Microsoft, said in a Q&A on the Microsoft site.

Nash says Windows AntiSpyware builds on work Microsoft already did for its Windows XP user base in Service Pack 2. Features of SP2 that Nash bills as anti-spyware aids include the Internet Explorer pop-up blocker, which prevents a common vector for spyware installation, and the Internet Explorer Information Bar, which suppresses unsolicited downloads.

In a short report last month on Microsoft's Giant acquisition, analysts at Gartner noted the Giant product is competitive with consumer-grade offerings, but is missing key capabilities of enterprise offerings. "Evaluate all anti-spyware solutions on the basis of their enterprise management capabilities, including enterprisewide site licensing, group policy configuration, system management console integration, scriptability and command line support. The absence of these features is a weakness of many smaller vendors, including Giant," the Gartner analysts wrote.

Information about Windows AntiSpyware and links to download information is available at www.microsoft.com/spyware.