February 15, 2005
SAN JOSE, Calif. - Microsoft Corp. co-founder Bill Gates is expected to give his perspective Tuesday on computer security and provide an update on the software giant's efforts to make computing more "trustworthy."
He will speak to an estimated 11,000 security experts gathered for the weeklong RSA Conference, sponsored by RSA Security Inc., based in Bedford, Mass.
In the three years since Microsoft launched its initiative to improve the security of its products, the company has changed how its software is written, improved the mechanism for fixing bugs and released some tools for removing virtual pests.
So far, results have been mixed. While there have been no major attacks in recent months, the number of worms and viruses continues to grow and other headaches - such as spam, spyware and adware - are multiplying and quickly becoming security threats themselves.
Most still target Microsoft Windows, the world's dominant operating system.
Since Gates (now the company's chairman and chief software architect) spoke at the RSA Conference in 2004, Microsoft has issued a major security upgrade to Windows XP aimed at blocking malicious code and protecting users from downloading programs that might carry a virus, worm or other unwanted program.
The company also has recently started releasing programs that remove a limited number of worms and other pests. It's also giving away an early version of Microsoft AntiSpyware, a program that removes unwanted programs and helps protect new ones from being installed.
But so far it's remained mum on when it will jump into the antivirus software business and directly compete against companies that sell programs designed to shore up Windows.
Microsoft declined to comment in advance of the speech.
"It may be something of a natural evolution for them, although ironic given that it's a majority of their software is what they're having to protect," said Vincent Gullotto, vice president of McAfee's Antivirus and Vulnerability Emergency Response Team.
"While they're building software to protect their software, they're also building their software to be secure," he added. "It should prove to be some interesting times."
Meanwhile, Microsoft continues to be a target. Last week, a "Trojan horse" program was detected that attempts to shut down its antispyware program as well as steal online banking passwords.
"This particular attempt appears to be the first by any piece of malware to disable Microsoft AntiSpyware, but it may be the first of many such future attacks," said Gregg Mastoras, senior security analyst at Sophos PLC, a security firm.
Meanwhile, other security software vendors aren't standing still.
Symantec, for instance, has unveiled a new version of its corporate computer security software that promises not only to remove traditional viruses and worms but also adware and spyware. The updated programs are expected to be available next month.
"Customers are looking for spyware and adware protection from their antivirus vendor, a partner they trust," said Brian Foster, Symantec's senior director of product management for client and host security.
McAfee Inc., another antivirus company, also is putting a greater focus on spyware and adware with its McAfee Anti-Spyware Enterprise for corporations. It will be available March 2.
McAfee also is announcing that it will send out updates of its virus definitions on a daily, rather than weekly basis. The new program starts Feb. 24 for its corporate clients. The more frequent updates will be available for its retail software in about three months, Gullotto said.