Anti-malware Vendors Stare Down Microsoft Threat

Captain Rose writes "Matt Hines at eWEEK has stepped up to report the other side of the story CNET inked recently on the perceived death knell that Vista will deliver to independent anti-spyware vendors. There's definitely a fight in store (David v. Goliath), though who knows how long we'll have to wait to see it play out now that Vista's delayed yet again. Is this a bit of foreshadowing on how the new Microsoft OS will address the self-replicating, zero-day spyware threats?" From the article: "Most industry watchers concede that it will be hard for Microsoft to easily displace the enterprise security businesses of leading vendors such as Symantec, McAfee and Trend Micro, which market integrated packages of applications to companies wishing to solve long lists of problems. However, for firms that are focused on only one of those problem areas, analysts said, Vista and the other Microsoft security products could pose a significant threat."

There will still be a market

[kimvette]

if history serves as an indicator of future performance. I'm sure that Microsoft will stick to the first Tuesday of every month (or whenever it is) to release signature updates, security patches, etc., which will give third-party vendors the upper hand - or worst case should Microsoft totally blow it, potentially drive up the market share for OS/X and Linux migrations.

Won't the need always exist?

[Tominva1045]

As long as the OS permits users to turn down or turn off security measures- experienced users in order to do something they deem useful and noobs for just not knowing any better- followed by forgetting to turn them back on/up and then surfing to some-malicious-site.com or opening some-malicious-email then the liklihood of an unwanted installl/download > 0 yes?

Sounds like we will always need utilities to help out.

As technology evolves, so will the malware.

Compare this topic to that of graphics- in the beginning there was the .BMP. And Microsoft gave us the Paint program. But images evolved into other formats and movies. And that necessitated all kinds of cool graphics software-- needs not even Microsoft itself could fully imagine or fulfill.

There will always be a market for some next-big-thing.. :-)

Microsoft Antispyware

[RyanCowardin]

I can't help but wonder why Microsoft bothered to buy Giant Company awhile back for their antispyware product. Guess it explains why they've put zero effort into improving it since they bought it though.

It's not Microsoft's fault for once

[Rosco+P.+Coltrane]

Anti-virus companies, ironically, are very much like a parasite that only lives on a specific host. When the host disappears (pre-Vista versions of Windows), the parasite dies. Either they get lucky and they find a new host in the form of Vista with security problems, or they diversify in a hurry.

For once, you can't blame Microsoft for ruining an industry, and I can't say I'll feel sad if McAfee or Symantec dies...

Re:It's not Microsoft's fault for once

but how do you know that Vista is going to be any more secure than anything else they have ever produced??

He doesn't. That's why he never made that claim.

Either they get lucky and they find a new host in the form of Vista with security problems, or they diversify in a hurry.

Put me out of business

[Charles+Dodgeson]

First M$ creates an entire industry focused around fixing holes in their OS. Now they are threatening to fix their own holes and that industry is mad at them?

That's my feeling about it. A substantial portion of my earnings comes from coping with a problem that shouldn't exist. (I help small and medium sized businesses cope with spam.) If some development makes the spam problem go away, that will be bad for my business. I knew that when I started working in the business. And I'm not any brighter than the people who went into the anti-malware business.

Overall, I would like to be put out of business by a real end to the spam problem.

No.

[Flying+pig]

Building security into an operating system cannot be bundling, because security is an essential part of OS design (well, for proper Oses it is, anyway.)

However, there is a more interesting issue with things like virus signatures and so on (emerging threats.) IANAL but I do wonder if, assuming that continuous updates are required to identify new forms of phishing, Trojans etc., MS might be required by the EU to open its API so that updates could be bought from different suppliers, on exactly the same basis that you can buy tires and exhausts from sources other than the car maker.

So...

[steveo777]

Microsoft plans on counteracting McAffee, Symantec, and Trend Micro's speed crippling services with their own? Honestly. There are MUCH better tools out there that corporations could be using. Try using a Novell firewall in front of all your Windows boxes. Then subscribe to a good blocklist so your employees can't get to sights that are likely to be infected (employees will rarely, if ever, need access to warez, porn, or blogging sites).

The big names in anti-virus are just eating resources. Without them we wouldn't be upgrading our computers quite as often. I work on a 2000 box at work with only 256MB of RAM. It normally runs fast enough, but once there was a decision by scared execs Symantec was installed. Now I'm hitting the VRAM like a drunk hits the dollar tapps at happy hour.

Hmm...

[tktk]

Collectively, all other anti-malware vendors should just delay support for Vista. Let Microsoft handle all the anti-malware for a while.

Then when Microsoft is overloaded with attacks, the vendors should return with their new versions. They'll be greeted as saviors.

Re:Don't worry!

[fireman+sam]

Microsoft has gotten away with the browser bundling because it was a first offence.

I have word that the bigger players in the anti virus/malware markets have preempted Microsoft and are already being advised by relevant legal departments. They (the AV/M companies) cannot do anything unless Microsoft bundles competing software. But as soon as they do, you can be assured that if there is any drop in revenue seen by the AV/M companies, Microsoft will find itself in court again. Next time it will not be a first offence.

Who Watches The Watchers?

[mabu]

If there's an issue over whether Vista will put the big antivirus companies out of business, I don't see it as consequential. IMO, the software companies themselves will be responsible for their own demise, regardless of whether Microsoft enters the market. Programs like Norton Utilities used to be valuable, but now these once-critical utilities have morphed into bloaded virus-like software incarnations that are best not installed in the first place.

Furthermore, both McAffee and Symantec products have been hosts to numerous flaws, security holes and vulnerabilities themselves.

If Microsoft wanted to do it right, they could merely have Vista identify both programs as "malware" right off the bat, remove them from the system, and most users would be better off.

Isn't This Monopoly Power Abuse?

[john.mull]

Isn't Microsoft using its monopoly power to (Windows platform) to introduce a new product that competes with existing products? Anti-virus companies are already making products to handle security, then Microsoft includes that functionality in the OS itself.

This is quite similar to the inclusion of Internet Explorer. And OS level disk defragmentation (remember PC Tools anyone?).

Now if Microsoft were to include preventatives/prophylactics in the OS, that's one thing, but including AV software, even if integrated into the OS, seems to be stretching things a bit.

Of course, this is the company that said it was cheaper to break the law and fight it in court than it was to follow the law.

Re:Don't worry!

[courtarro]

"In the 80's and 90's Word Perfect was the defacto standard for an office suite, and Claris Works was popular on the mac. Then microsoft brought out it's office suite, and has all but put the competition out of buisness."

This fact doesn't support your argument concerning bundling because these products are not necessarily included in Windows. Rather, the fact that Office became the standard is either due to a) improved quality over the competition, or b) improved marketing over the competition, neither of which is illegal. When you buy a stock computer from a company like Dell, they most often include WordPerfect by default, and you have to pay an extra $NNN to have Office included instead. People must make an active decision to pay extra for the product, so if they have it, they must feel that it's worth it. If Corel is losing money as a result of people making this decision, it's their own fault, one way or another.

The strange thing about this article is that it makes MS out to be the bad guys. Viruses and spyware feed on weaknesses in the OS, therefore so do anti-virus and anti-spyware products. When Microsoft improves the security of their OS and therefore hurts the businesses that leeched on those holes, are they really the bad guys? All MS does is improve the experience built into the operating system. How is it their fault to make an operating system that fixes itself, even if the "fixing" is done by a part of the system that happens to be called "MS Antivirus" or "MS Antispyware"?

Re:Don't worry!

[fireman+sam]

It isn't illegal if you are not a convicted monopoly. But a company using its dominance in a market to squash competition is considered anticompetitive and a violation of antitrust laws (http://en.wikipedia.org/wiki/Antitrust).

If Microsoft want to get into the antivirus/antimalware market, they are free to develop (or purchase) a product, market it and sell it. They just cannot bundle it with Windows as this would be seen as an attempt to squash the existing companies (who compete on product price, quality, etc) out of the market.