IT Jobs
We're still struggling with security, admits Microsoft
But we are improving insists software giant.
By Jeremy Kirk, IDG news service
Published: 06:58 GMT, 13 November 07
Microsoft is still experiencing pain as it struggles to bring its own security products and service up to speed.
Microsoft released Windows Live OneCare for consumers in May 2006 and its Forefront Client Security for enterprises earlier this year. Both products entered a saturated security market populated by experienced security-specialist companies such as Symantec, McAfee and Trend Micro.
When Microsoft began investing in the security field around 2003, the company didn't have "the ability to speak AV," said Vinny Gullotto, general manager of the company's Malware Protection Centre. Now, that ability is much more developed, said Gullotto, who spoke early this week on the sidelines of IT Forum in Barcelona, the company's largest customer event in Europe.
At least initially, Windows Live OneCare didn't fare well in malware detection tests, but Microsoft is improving its performance, Gullotto said.
Between September 2006 and September this year, Microsoft has improved its malware detection rate by about 20 points, Gullotto said. Now, Microsoft's detection rate is usually between 91 percent to 95 percent, depending on the testing plan, he said.
At least as recently as May, Microsoft's OneCare and Forefront products, which share the same set of malware detection signatures, only had a 76 percent detection rate, according to AV-Test, a German anti-virus testing organisation that often performs tests on commission for technology magazines.
One way to improve detection rates is to increase the number of signatures, Gullotto said. Many testing organisations test anti-virus software against a batch of malicious software samples and rank those products according to how well the samples are flagged.
But generating more signatures demands more analysts and research capacity. Microsoft is investing heavily in both of those areas, although Gullotto declined to say how much.
Microsoft used to only have one malware research lab, based in Washington . This year, Microsoft has opened new labs in Tokyo, Dublin and Melbourne to allow it to respond to customers 24 hours a day worldwide.
Last year, it took Microsoft three days to respond to a query from one of its customers regarding security, Gullotto said. Now, that response time is down to between six to eight hours, but Gullotto said they'd like it to be around a maximum of six hours.
To meet that goal, Microsoft is hiring experts for all three new labs, Gullotto said, but "I'm not satisfied with it. We want to hire more experienced people." Over the last few years, Microsoft has had success in recruiting experienced security analysts from companies such as F-Secure, Trend Micro and McAfee.
The growth in the number of malicious software samples circulating on the Internet is "just immense at this particular point in time," Gullotto said. Microsoft is also trying to build more tools that can automatically analyse malware, he said.
In another improvement, Microsoft plans to update spyware signatures in its OneCare, ForeFront and Defender products once a day rather than twice a week as is done now, Gullotto said. Spyware is the term for an unwanted program that records and transmits information about a person's PC, often without the user's consent or knowledge.
.gif)
Add your commentComments
AK | Published: 10:53 GMT, 20 November 2007
It seems to me that MS are at least trying. If as you say Apple has security problems ( and they issue at least as many security updates as MS) but are trying to hide them then MS is the more responsible company in this respect. I would expect any OS to need regular security updates as the attackers get more sophisticated. One day however attackers will work out how to introduce malicious code into the security updates.
BwS | Published: 13:14 GMT, 14 November 2007
So, JohnG, I suppose you create bullit-proof software that doesn't have any vulnerabilities? Creating operating systems is very much a 'rocket-science' experience. Be thankful that MS is responding and showing concern, not just in its communication but also in its budgeted expenses. Yes, they have problems. Yes, they started by downplaying the problems. And yes, they are now responding and working resolve those problems. I agree with Dante that this is a better approach than the Apple approach. Although Apple, apparently, started with a tighter product, their response is "not me!". Hopefully they will soon be more open and honest about it.
Dante | Published: 17:24 GMT, 13 November 2007
It's still better than Apple's: Security Problem? WHAT security problem? And if you disclose, YOU will get a LAW SUIT problem. I much prefer Microsoft's open air disclosure than Apple's head in the sand approach.
JohnG | Published: 15:22 GMT, 13 November 2007
That's quite a racket, being able to sell products to protect against defects in one's own products.