Submitted by To address the growing need for a PC security solution tailored to the demands of emerging markets, smaller PC form factors and rapid increases in the incidence of malware, Microsoft Corp. plans to offer a new consumer security offering focused on core anti-malware protection.
The new security offering code named “Morro” is based on Microsoft’s malware protection engine and it is slated for release in the second half of 2009.
…[it] will provide comprehensive protection from malware including viruses, spyware, rootkits and trojans. This new solution, to be offered at no charge to consumers, will be architected for a smaller footprint…
It’s a very good move by Microsoft to protect its customers against malware. But I can’t help but wonder how Symantec, McAfee and other anti-virus vendors will react to this “no-cost” offering. As long as Microsoft doesn’t bundle “Morro” with their OS they’ll be safe from anti-trust lawsuits, but offering it for free might bring down the cost of other commercial offerings.
“Morro” will be available as a stand-alone download and offer malware protection for the Windows XP, Windows Vista and Windows 7 operating systems.
They will be discontinuing “Window Live OneCare” effective June 30 2009 in an effort to keep things simple and less confusing for customers.
I for one believe this protection should be cheaper and if Microsoft wants to offer it for free which in turn drives down the prices of competing products then that’s great for consumers.
I’d expect all the Microsoft haters out there to cry foul but in the end Microsoft has provided a platform which like it or not has a massive surface area for attack and they should be protecting their customers for free.
Of coarse it’d be better if the problems didn’t exist in the first place and I believe they’re addressing this even if it is not as fast as we’d prefer, but for the interim a free product from them to help protect us is a great idea.
Thumbs up, Microsoft.
I’m usually against Microsoft bundling crap with their OS because it is always designed to conquer that particular market; be it browsers, video players, whatever.
In this case, however, I think Microsoft should bundle security software. I think it is immoral to charge the prices they do for their OS and then expect somebody to fork out yet another $40 bucks to protect against security problems.
Unfortunately, I’m sure the companies like Symantec, who have made their fortunes fixing Microsoft’s problems, won’t be too keen on the idea.
I gotta agree. I’m not a big Microsoft fan but this is something that should be included with Windows. Although I’m sure the Likes of Symantec and Mcafee will be tossing the word anti-trust around on this.
In the good old dos 6 days, they were giving a free AV with the system. IIRC it was a limited version of norton antivirus. So it wouldn’t be the first time they did it.
Yes, it’s a good move. Other companies are already offering free AV, so there’s no unfair competition here. Those who want a paid AV can disable the native AV and use their own just fine. I hope this new MS AV updates automatically and daily for both legtimate and pirated copies of Windows because otherwise this isn’t going to put a dent into botnet’s installations. Remember that between 85 and 90% of spam is sent from a network of remotely controlled computers infected by malware around the world. It should take a few more years until everybody uses an updated antivirus.
Do you have some pointers about those figures for the origins of spam? I find it strange, because spam still needs to be sent through the SMTP servers of the ISP of an ‘owned’ computer.
Sorry to say, but no it doesn’t. Those ‘owned’ computers can have a simple SMTP engine installed, and as long the ISP doesn’t block sending to TCP port 25, they send spam directly.
Yes, but a lot of big ISPs nowadays only allow people to connect to port 25 on their SMTP-servers. (Although even a standard port like 587 is often still allowed..!) I used to use my own SMTP-server myself, but found it troublesome in that a lot of my emails (and this is years ago) would have trouble getting delivered. But yes, it would be trivial and small to have your own SMTP-server on those owned machines. Still would have liked a reference for those numbers…
If this new software is as bad as the onecare, then I don’t think the likes of norton are going to be too worried. Brand names such as norton are still going to continue, just like they do now. AVG free is a great, just like the new anti-melware program from microsoft, its not bundled with windows and is also free. There isn’t any real reason for anyone to accuse Microsoft of bad practice here, they’re just doing it free like the rest of the free providers and there will always be users who try it and don’t like or or prefer to pay for a product because they get something that’s been ‘paid and supported’.
That’s true. It’s incredible to buy a product that is expensive and not ready to use. So far, MS has sold the poison and the antidote.
Yes, really fresh news… I think Windows Defender has been around for quite a few years. And the Windows Malicious Software Removal Tool is downloaded every month and checks for spyware/trojans. One only has to make sure that the copy of Windows is genuine.
On the other side, true, one also can use AVG and its “format c:” protection schemes,
.
You mean they’re distributing Linux?
I kid, I kid.
If everyone started using Linux, think of all the poor companies that would starve. All these companies that make billions on doing what Microsoft should have done in the first place, fix the security flaws in Windows, would go bankrupt because their products are mostly redundant on Linux.
I thought I didn’t need an AV suite if I run Vista?! They lied to me!!!
Here’s another one…
They better be releasing it for free since no one is buying that “One Care” garbage.
Just that, look how good we’ll be…
I always said If MS sells Ultimate copy then it should include a free antivirus/antispam/antieverything.
It is ridiculous to call it ultimate while it is a vulnerable OS and the customer should care for it instead of the OS care for you. You are basically a nurse for the OS.
I need the OS company to care about their OS and my applications while I concentrate on my productivity.
I am afraid it will be too late 2009; It’s now or never!
Does anybody have more info on how well it will perform as compared to other anti-malware solutions?
I suppose this is good news for users but bad news for businesses selling malware removal services and/or products.
Competition is tough and I’m sure Symantec, McAfee, AVG, and Kaspersky will have their tantrum about this one.
I cannot say much because I use the free ClamAV anti-virus software on Linux. Its far from the best in terms of Windows malware detection (compared to other Windows virus protection products) but is antiquate when you never obtain “Linux” viruses anyway. ๐
Edited 2008-11-19 09:38 UTC
This will have one problem that Microsoft can’t overcome; huge market share. If/when this is being used by almost every windows user the bad guys will turn their attention to it. Any software has holes to exploit and this will be no different. There will be a huge number of people attacking it and nothing can stand up to a concentrated attack. Just look at BluRay.
Not a bad idea but as said, the bad boys will concentrate on it. So better pick some other free AV programm and learn some common sense about not opening certain attachments.
Security starts with the user, it has been so for the last 20 years.
MS has included an anti-malware tool for years and it has always been free.
Its called FDISK, clears any virus or malware off the system with a 100% removal rate
Actually, security starts with the OS design. Until Microsoft gets it through their thick skulls to enforce users running as users and not admins then the problem will continue. I also think that user directories should have a no-execute flag on them. Course, that would cause a problem with the thousands of crap apps that people load their systems with. But hey, you gotta break a few eggs to make an omlet.
Running as admin or not has no relevance for how easy malware can spread. Today’s malware isn’t interested in borking your system, it is interested in staying in the background, gathering data or being part of botnets. Neither of these requires admin access.
I know I’ll sound like one of those deranged Linux fanboys when I say this (I’m just a user not a fanboy as evidenced by my total apathy either way over the whole GNU/Linux naming thing), but anyway here goes.
Part of Linux’s security is that users always run in an underprivileged user account that cannot alter the system outside of their home folder. As another poster in this thread said, a lot of Windows’ malware comes in trojan horse form. For now, there’s no risk of that in Linux, and in the future it will be diminished if people just use their distro’s repositories since they’re a fairly trustworthy source of programs. Spyware and viruses that attack when you visit a web page, however, would be completely useless against Linux if the user isn’t running as root. I mean, if the virus were a Linux binary, designed to attack Linux, it would be useless without admin powers (assuming it doesn’t use some as-yet-non-existent jailbreak (permissions escalation) exploit).
UAC was a lame hack on a broken system to try and get user permissions working like this in Windows, and it annoyed everyone. If they did it right, which in the case of Windows would probably require a major rewrite and a kick in the ass to every developer, then Windows’ security would be improved dramatically
This simply isn’t true. There is a lot you can do with just user level rights. You can add a program to a startup script so it runs every time you log in. You can open a network port to listen for commands from the hacker. And you can send out mail or help DoS an IP address. Basically most things a trojan would ever want to do.
If a Linux binary trojan is delivered to a Linux system via an external connection (say via a web browser), then as I understand it the binary file when it arrives on the Linux system will have no local execute permissions at all. A local user will have to manually “chmod” it to give it some permission to execute, and even then it will only gain the same privilege level as the user had.
This won’t work for viruses, which try to infect and spread via stealth (hence without local user actions or even knowledge), and not via enticing the local user to actively participate in the propogation.
For trojans this can feasibly work, since the whole concept is to offer the recipient something desirable, that might entice them to go through all of the manual steps required on a Linux system to allow an external file to run.
However, on a Linux system the “paradigm” is to install stuff via the package manager, and hence anything else that comes in unsolicited and accompanied by a request to be “chmodded” in order to execute must surely arouse the suspicion of even the most clueless users.
Edited 2008-11-20 00:08 UTC
there are ways around it. archives will preserve +x, and social engineering could wget a binary off of a site, chmod it, and run it without too much difficulty (post “I got world of warcraft to run flawlessly! just copy/paste this command into a terminal: ” on to ubuntuforums). You could also add a malicious script into a .deb.
You are right that it is harder on most flavors of unix to get people to run arbitrary code then most other operating systems, but its mostly relative. The most important thing is user education, people who mindlessly do things they don’t fully understand on any operating system are easy targets.
Social engineering is always a possibility … but the extent you have to go to to pull off such a trick is considerably greater on Linux, and as a direct consequence the chances of social engineering actually working to any significant extent is far less.
For example … your example of a post on ubuntuforums … wouldn’t last for more than 5 minutes before being taken down, I’d wager.
This is what “community” is all about.
Even if it’s still easy to attack Linux users with social engineering, it’s still a hell of a lot harder than attacking Windows users. I don’t know how many people I pulled out of the fire the first time the “Block Checker” went around on MSN, but by the second time around, I noticed it was all the same people. Sad fact is, the vast majority aren’t just under-educated on basic computer security, they’re downright stupid.
Correct, it probably does not arrive with the execute bit set. However, it wouldn’t be hard to engineer the exploit to also simply set that bit.
Note entirely true. Both Klik and zeroinstall are examples of systems that does not install applications globally using the package manager and that does not need root access to install applications.
There are also many apps that are not distributes using the package manager, such as Skype and Gizmo. It of course also possible to just download a .deb or rpm, double-click on it in the filemanager and have it installed.
Edited 2008-11-20 14:52 UTC
If people do this, if people do that. The problem is not what people should do, the problem is what they actually do. If people behaved sensibly the need for AV software in Windows would be less too.
You know, I am perfectly aware of the advantages of the unix security model (having run Unix, Linux and BSD since 1994) but living in denial of the real risks isn’t helping anyone.
It’s perfectly possible that a vulnerability in, say, Firefox would make it possible for an attacker to place a binary executable (static linking is awesome like that) in a users home directory and have it run every time you log in. This program would then have free access to the users files and can bind to high ports and take part in botnets. The bad guys don’t want to screw your box and give themselves away, they want to get at your bank accounts, passwords etc.
NOTHING in the Unix security model prevents this because it was not designed to.
Again, they DO NOT want to attack Linux, they want to attack YOU and for that they don’t need admin powers.
True.
On a Windows system AFAIK, stuff that arrives on a system from an external source can execute and “stay in the background, gather data and/or be a part of a botnet” without ever necessarily bothering any local user to ask permission to execute.
Windows update is one example.
Putting a certain type of Sony CD in the CD drive is another example.
I’m sure there are myriad other ways for this to happen.
How do you protect users from things they knowingly install themselves without realizing that they are malicious? The majority of Windows Malware falls into this trojan horse category.
It’s called UAC, and it is the number one thing people hate about vista
That’s all.
I have to say, im a bit confused. There is this software called windows defender that is already installed with vista. They already give it away for free… This is nothing new.
Edited 2008-11-19 18:34 UTC
Windows defender is just for spyware, doesn’t really handle virii. OneCare is their product for all around protection, but it is a paid subscription product.
… they make their products not suck ass.
They can go about it by making their products not be such bloated, resource hogging, obtrusive obominations, and then make them add exceptional security above and beyond what the free MS stuff offers.
Symantec and McAfee have made fortunes leeching off Windows’ security problems.
That gravy train is ending, thankfully.
Edited 2008-11-19 21:03 UTC
http://www.little-gamers.com/2008/11/19/oxymorronsoft/
๐
With Windows malware is a feature not an option, it is one of the nice things that go hand and hand with all Windows Operating Systems.
๐
I was always saddened when to started charging for the community service effert that they took away when moving to the OneCare model.
Microsoft is responsible for the security of it’s own products, more so than any other vendor. There are some places where I think MS is wrong for bundling middle-ware with their operating systems, and other products. But when it comes to security, they are really responsible, and requiring users to caught up cash to a third party to keep their own products working – that was the wrong situation. This they are going to (finally) get right.
BTW, you can already get 3 different anti-virus products (off the top of my head) for free, that all perform better than Norton or McAfee – both of which are simply abysmal. So whatever..