Microsoft Rebrands, Broadens Spyware Solution

Microsoft (Nasdaq: MSFT) this week renamed its antispyware software from Windows AntiSpyware to Windows Defender, which may be more appropriate for a combined spyware/virus defense solution, industry observers said.

Microsoft did not make clear whether its antivirus solution would be folded into Defender, which the software giant described as "what Windows will do for customers, defending them from spyware and other unwanted software."

The company -- despite not setting a firm date for the next build and release of the security software -- did stress that the software will be aimed at more than spyware.

"Our solution has really been about more than just the standard definition of 'spyware,'" read one entry in a company blog. "We've always said we will provide visibility and control, as well as protection, detection and removal from other potentially unwanted software, including rootkits, keystroke loggers and more."

Not Just a Name Change

Making references to its forthcoming update to the Windows operating system, Vista, Microsoft said the change to Windows Defender was more than a name change, citing the engineering coordination of updates, registry keys, file names, properties and images.

"The engine is now moved to a system service, and signatures are delivered over Windows Update," said the Microsoft blog. "The detection mechanisms have also been radically improved by applying to spyware threats all the great detection technology we use in our antivirus engine."

AV Untested

Although the prospect of an anti-spyware/antivirus installation through Windows Update caused some concern as voiced in response to Microsoft's blog, the name change to Defender makes sense, since Microsoft appears to be folding its antivirus (AV) into the anti-spyware software, according to Webroot Vice President of threat research Richard Stiennon.

Stiennon, whose company is a competing anti-spyware software provider, told TechNewsWorld that Microsoft had referred to bundling its "great AV technology" with Defender.

"The only problem is, nobody's ever seen it," Stiennon said of the Microsoft AV. "This is a huge trial period coming up for Microsoft."

Defender Definitions

Microsoft said it had begun readying Windows Update to include signature updates for Defender. The company said enterprise customers using Windows Server Update Services would begin seeing 'Windows Defender' and a new classification called 'Definition Updates' in the product category dialog.

The Microsoft blog said that while the software is being developed for Windows Vista, it will also be available to Windows XP users and will replace Windows Anti-Spyware, which has been available in beta since January.

Part of Web Apps

Stiennon said the security software sounded in step with Microsoft's recent push with Internet-based applications, such as its hosted or "live" software offerings with Office Live and Windows Live.

"They're pushing updates and this seems to be part of, or around their scheme to get into software services," he said.

Stiennon said the adware/spyware threats have shifted away from random, broad attacks to targeted attacks tied to identity and information theft. He also questioned whether Microsoft's Defender would be effective against such attacks, but fell short of blaming the issue for significant defection away from Windows.