Microsoft Proposes Continued Innovation and Change in Face of Evolving Malicious Software Threats

Posted by bink on October 25 2006, 3:49 AM. Posted in Windows Defender.

At a gathering of European IT security professionals, Microsoft security executive asserts that the shift to 64-bit computing is an inflection point for PC security.

In his keynote address at the RSA Conference Europe 2006, Microsoft Corp. Security Technology Unit Corporate Vice President Ben Fathi discussed the evolution of the computing ecosystem and malicious software landscape, and called on the IT security industry to team with Microsoft in investing in continued innovation to keep pace with ever-evolving threats. Fathi described Microsoft’s ongoing investments to enable a trust ecosystem, pointing to security advancements in the forthcoming release of Windows Vista™ as an important opportunity for the industry to become more proactive in its aim to provide users with a safer computing experience. Specifically, Fathi announced milestones toward this goal, including the availability of Microsoft® Certificate Lifecycle Manager beta 2, a digital certificate and smart cards management solution; the general availability of Windows® Defender, a free anti-spyware solution; and the availability of the Sender ID Framework specification for e-mail authentication under Microsoft’s Open Specification Promise (OSP).

“As threats continue to evolve and computing advances, we need an environment that engenders trust and accountability,” Fathi said. “To help protect customers and ensure the long-term success of the computing ecosystem, the industry must embrace change and innovation.”

An Evolving Threat Landscape, an Industry at a Crossroads

Fathi opened by outlining how the evolving threat landscape requires new thinking about how to make operating systems more secure and reliable. To illustrate, he referred to the new “Microsoft Security Intelligence Report,” which found that threats against consumers and businesses are becoming more targeted and motivated by financial gain, with backdoor Trojans and bots continuing to make up a significant percentage of the malicious software detected by Microsoft anti-malware offerings. The report also found that social engineering continues to be a popular means of spreading malware, especially when sent over e-mail and peer-to-peer networks, and that rootkits are likely to continue to be popular for targeted, stealth intrusions. Data from several customer-focused Microsoft products and services were used to compile the information provided in this report, which is available at

Fathi also made known that as part of the Microsoft Security Response Alliance, Microsoft plans to develop a malware sample sharing program for security ISVs. The program will further enable the industry to work closely together on the protection of mutual customers as the threat landscape continues to evolve.

In the face of evolving threats, Fathi asserted that the industry is at a crossroads where, due to processor innovations and the decreasing cost of 64-bit processors, 64-bit computing is on the horizon as the next significant PC computing architecture. He emphasized that Microsoft and the worldwide IT security industry — including platform providers, hardware manufacturers and security independent software vendors — needs to invest in continued innovation to keep pace with the threats.

To fully support the evolving ecosystem, Fathi said the security industry must build more innovative security solutions than it did in the past to help protect customers. As a first step, he described how Microsoft has improved the security, reliability and integrity of the Windows kernel through innovative technologies such as Kernel Patch Protection in 64-bit environments, including Windows Vista, to provide greater stability, protection and defense against malicious threats. Kernel Patch Protection raises the bar for security and also provides a significant opportunity for the security industry to extend this work by designing next-generation security solutions.

Fathi reaffirmed Microsoft’s commitment to continuing to work with security partners to provide the kernel functionality they need, beyond what is available today in Windows XP and Windows Vista, without bypassing Kernel Patch Protection.

A white paper detailing Kernel Patch Protection in Windows Vista is available at Continue At Source