Where is Microsoft Anti-Virus????

[Seth Brundle]

When completing my install of Service Pack 2, I was happy to see the
firewall preconfigured and up-front to the user, which was an
excellent step forward in security for Windows.

However, I was shocked to see a balloon suggesting I purchase a
third-party antivirus program (!!!)

Microsoft, as a non open-source operating system company, needs to
accept responsibility for anti-virus products, or open up its source
code. Only those in possesion of the source code itself are best able
to manage a comprehensive and fast-response antivirus system.

To both acknowledge that your operating system is virus-prone and
suggest you pay someone else to protect you from Microsoft's insecure
software is very ironic.

Rather then promoting the anti-virus market by advertising third-party
products, why isnt Microsoft simply accepting the reponsibility of its
operating system security from end to end with an anti-virus
product??? As the owner of the OS, source code, and Windows
developers, and as one of the most cash-laden companies in the world,
they alone are best equipped to undertake this task, yet they seem
fine with simply letting their lack of security support a third-party
software market.

I dont want to pay $80 for my operating system, then pay another 50%
of the cost of the netire operating system to a third party to protect
me from its vulnerabilities - having the OS reccommend this is
insulting.

????

 

[Testy]

And giving Microsoft total responsibility for the security of your computer
would make you feel better????


Testy

 

[Jupiter Jones [MVP]]

Having Microsoft provide an anti virus may also be a problem.
1. Microsoft is not an expert source on viruses.
2. Anti virus manufacturers would likely start yet another lawsuit
based at least partially on monopolistic practices.
3. Probably many others.

If you choose to pay $40 as you suggest, that is entirely your choice
since there are more expensive and cheaper options...including free:
http://www3.telus.net/dandemar/virch.htm

Having the OS recommend this in not insulting, in fact it is a very
good idea that the OS recognize a possible problem and warn the user
before the problem becomes catastrophic.

 

[Carey Frisch [MVP]]

No version of Microsoft Windows ever included an
antivirus program. When you purchased your last car,
did the sales price include auto insurance?

Insuring against contracting computer viruses is a
personal responsibility. There are some free antivirus
programs you can use, if you wish, such as:

AVG Anti-Virus FREE Edition
http://free.grisoft.com/freeweb.php/doc/2/

Frequently asked questions about Windows Security Center
http://support.microsoft.com/default.aspx?scid=kb;en-us;883792&Product=windowsxpsp2

Frequently Asked Questions About Antivirus Software
http://www.microsoft.com/athome/security/protect/antivirus.mspx

--
Carey Frisch
Microsoft MVP
Windows XP - Shell/User

Be Smart! Protect Your PC!
http://www.microsoft.com/athome/security/protect/default.aspx

------------------------------------------------------------------------------

:

| When completing my install of Service Pack 2, I was happy to see the
| firewall preconfigured and up-front to the user, which was an
| excellent step forward in security for Windows.
|
| However, I was shocked to see a balloon suggesting I purchase a
| third-party antivirus program (!!!)
|
| Microsoft, as a non open-source operating system company, needs to
| accept responsibility for anti-virus products, or open up its source
| code. Only those in possesion of the source code itself are best able
| to manage a comprehensive and fast-response antivirus system.
|
| To both acknowledge that your operating system is virus-prone and
| suggest you pay someone else to protect you from Microsoft's insecure
| software is very ironic.
|
| Rather then promoting the anti-virus market by advertising third-party
| products, why isnt Microsoft simply accepting the reponsibility of its
| operating system security from end to end with an anti-virus
| product??? As the owner of the OS, source code, and Windows
| developers, and as one of the most cash-laden companies in the world,
| they alone are best equipped to undertake this task, yet they seem
| fine with simply letting their lack of security support a third-party
| software market.
|
| I dont want to pay $80 for my operating system, then pay another 50%
| of the cost of the netire operating system to a third party to protect
| me from its vulnerabilities - having the OS reccommend this is
| insulting.
|
| ????

 

[Mike Brannigan [MSFT]]

When completing my install of Service Pack 2, I was happy to see the
firewall preconfigured and up-front to the user, which was an
excellent step forward in security for Windows.

However, I was shocked to see a balloon suggesting I purchase a
third-party antivirus program (!!!)

Why ? You have to purchase a great many other application programs etc -
there is no reason that we must include an anti virus product in the OS.

Microsoft, as a non open-source operating system company, needs to
accept responsibility for anti-virus products, or open up its source
code. Only those in possesion of the source code itself are best able
to manage a comprehensive and fast-response antivirus system.

Nonsense - if you use that argument then you are trying to say we either
write and ship every possible application and utility with the OS or go open
source.
The required APIs to hook to the file system and Security Centre in SP2 are
all published there is no more the AV writers need to know beyond that to
produce file system filter driver layer AV products - which many do
admirably.

To both acknowledge that your operating system is virus-prone and
suggest you pay someone else to protect you from Microsoft's insecure
software is very ironic.

Really ? - is it not also ironic that in the last few weeks various open
source operating systems have been attacked by various virus and trojans and
they still have paid for antivirus products as well as free ones just like
Windows.
(e.g. http://www.centralcommand.com/linux_products.html)
Windows is no more "virus prone" then any other operating system - we just
happen to have a share of the market that make it more attractive to attack
then those shares of other opertaing systems, so the hit rate against us is
orders of magnitude beyond those of say the Apple Mac or Unix/Linux
communities.

Rather then promoting the anti-virus market by advertising third-party
products, why isnt Microsoft simply accepting the reponsibility of its
operating system security from end to end with an anti-virus
product??? As the owner of the OS, source code, and Windows
developers, and as one of the most cash-laden companies in the world,
they alone are best equipped to undertake this task, yet they seem
fine with simply letting their lack of security support a third-party
software market.

Again - a specious argument - look at the majority of virus code around to
day - it is not attacking the OS directly through various exploits such as
buffer over runs etc - they are most often an executable delivered as
payload in an e-mail or other file that the user is duped into executing on
their PC. These attacks have very little to do with the underlying OS. Yes
there are cases where the code the virus uses has exploited certain bugs etc
and we work to fix these. We also added DEP in SP2 to prevent another
entire class of virus execution.
However the detection of these virus files on e-mails and as files on the
files system is not a primary area of the OS development.

I dont want to pay $80 for my operating system, then pay another 50%
of the cost of the netire operating system to a third party to protect
me from its vulnerabilities - having the OS reccommend this is
insulting.

Remember those vulnerabilities include your inability to tell if the file
attached to an a-mail you received is something you really should open. The
OS can only go so far in preventing attacks, by closing those holes, but the
exploitation of humans by social engineering of the subject of the e-mail to
the title of the attachment is something the OS has no control over. That
is where file system filets like anti virus products and also heuristic
scanning such as that found in Outlook 2003 help in preventing you ever
getting these files opened and infecting yourself.


--

Regards,

Mike
--
Mike Brannigan [Microsoft]

This posting is provided "AS IS" with no warranties, and confers no
rights

Please note I cannot respond to e-mailed questions, please use these
newsgroups

 

[Juergen Heinzl]

When completing my install of Service Pack 2, I was happy to see the
firewall preconfigured and up-front to the user, which was an
excellent step forward in security for Windows.

However, I was shocked to see a balloon suggesting I purchase a
third-party antivirus program (!!!)

Microsoft, as a non open-source operating system company, needs to
accept responsibility for anti-virus products, or open up its source
code.

[-]
Says who?

Only those in possesion of the source code itself are best able
to manage a comprehensive and fast-response antivirus system.

[-]
You do think of yourself as being qualified enough?

To both acknowledge that your operating system is virus-prone and
suggest you pay someone else to protect you from Microsoft's insecure
software is very ironic.

[-]
An OS isn't virus prone. It's a tool and any tool used for the wrong job or
in wrong ways is able to cause some damage, yet no-one ever said
hammers are prone to bang peoples thumbs to pulp.

Not yet, that is.

Rather then promoting the anti-virus market by advertising third-party
products, why isnt Microsoft simply accepting the reponsibility of its
operating system security from end to end with an anti-virus
product???

[-]
It's not Microsofts responsibility. If you want a secure OS get yourself
a different OS. It may not work the way you want it to and it may not be
able to run all the applications you want it to, yet it may be as secure as
you want it to be.

As the owner of the OS, source code, and Windows
developers, and as one of the most cash-laden companies in the world,
they alone are best equipped to undertake this task, yet they seem
fine with simply letting their lack of security support a third-party
software market.

[-]
There's no law that says "YOU ARE TO BUY AND RUN Windows XP".

I dont want to pay $80 for my operating system, then pay another 50%
of the cost of the netire operating system to a third party to protect
me from its vulnerabilities - having the OS reccommend this is
insulting.

[-]
If it hurts if you do this or that then don't do it.

People ...
Juergen

 

[Richard Urban]

Sorry you don't want to do that. But, if you don't, you will not have
antivirus protection. Period!

--

Regards:

Richard Urban

aka Crusty (-: Old B@stard

 

[Seth Brundle]

Well, for all you MVP's who insist that OS manufacturers are not
responsible for antivirus solution on some sort of 'logical' argument
should note that your boss just announced that MS would be launching
its own spyware cleaner - a great first step.

And as for M$ 'not being an expert at antivirus', which is pretty
funny, because the main focus of their organization in recent months
has been frantically bulletproofing and patching exploits at the
expense of pushing the next version of windows into half of what it
was supposed to be and twice as farther out, and lets not forget that
they actually *own the code*, which is a huge help.

Finally, they have more cash then just about any other company, and
buying companies to add to their software lineup isnt anything new -
they've certainly made worse aquisition decisions. A company that size
does not need resources lying around to build antivirus, and that
wouldnt be a good idea anyway - just BUY someone who is already on the
job - there are at least 6 targets.

Leaving the purchase, installation, and correct use of antivirus in
the hands of users will never be an effective internet security
solution - the goal is not to protect this users computer or that
users computer - the goal is internet security. We also cant expect
*every single user* to be able to afford and install antivirus
software. It needs to come with the OS.

In short, my 80 year old grandmother should be able to buy a new
windows computer, and expect it to be secure without my help.

If we want internet security, we need OS's that insure they are
patched and protected with AV PRIOR to general usage, not as an
afterthought. Clearly, that strategy has never worked, as it simply
results in a global game of whack-a-mole.

We certainly have the technology. As soon as windows installs are
configured for internet usage, they should not be able to do a damn
thing on the internet until all security updates and virus definitions
are downloaded and installed. This isnt rocket science. Its common
sense in a world where windows computers on the internet are
compromised within 20 minutes.

 

[Jupiter Jones [MVP]]

"...your boss just announced..."
Perhaps he is your boss, but he is not my boss or the boss of any
other MVP for that matter, at least if you are referring to who I
think you are.

Computers if setup correctly are safe out of the box.
Since the manufacturers do what they want regardless the capabilities
of the OS, they should at least get part of the blame.
Why do you omit them?

As far as Windows all by itself, if someone buys Windows, they are
building their own computer...or close enough.
If that is the case, they need to be aware what all is needed for
secure computing.

When you buy an engine for an automobile, should it be ready to go?
Or do you maybe have to buy gas and oil as well?

If your 80 year old grandmother buys a computer and the computer is
not secure to your/her satisfaction out of the box, you have a problem
with the OEM and not so much Microsoft.
Many OEMs provide an antivirus as well as other tools.

Much of your logic seems to apply more to an OEM rather than one
component of the computer system.
Hopefully you are also communicating your dissatisfaction to the OEMs
as well.

 

[Seth Brundle]

Just to show you that Gates is in agreement with me, and seems to have
already started what I proposed (and everyone here seems to think is
'innapropriate'...

"Microsoft has been testing a for-fee antivirus product, though the
company has not announced details of how it will offer it. The company
purchased Romanian antivirus firm GeCad in 2003. "

 

[Jupiter Jones [MVP]]

That is old news proves nothing for today.
You still need a 3rd party AV application.

 

[Seth Brundle]

That is old news proves nothing for today.
You still need a 3rd party AV application.

LOL you guys are non-relenting flamers.

How about Ballmer's comments from this week:

http://tinyurl.com/5otmc

What, exactly, is the difference between using AV2k5 from Norton, and
AQUIRING AV2K5 nad its development team FROM Norton, so that it comes
in the box?

The difference is that you dont have 100M otherwise unprotected OS's
propogating worms and viruses in the first place. MUCH more effective
then just relying on the relatively miniscule third-party installed
userbase.

What exactly is your argument for it *having* to be a third party app?
Because its always been that way?

 

[Jupiter Jones [MVP]]

There is no argument.
Don't get anti virus protection if you don't want it.
But since Microsoft does not currently provide AV protection, 3rd
party is the only option.
Having been that way has nothing to do with it.

As for your link?
Where does it go?
I as many others avoid links without knowing where it is going.
So Tiny URL and other similar links are ignored.

 

[Seth Brundle]

rotfl you are afraid to visit links because IE might explode!

Try visiting the link in Firefox, as CERN, DHS, and Slate have
reccommended.

It goes to a CNet article about Ballmer discussing at a EU conference
how M$ is moving in the direction I have been arguing for.

 

[Jupiter Jones [MVP]]

"afraid" has nothing to do with it.
I avoid going somewhere when I have no idea where it is.
You did not even have the courtesy to give a brief explanation of the
source.

Like I said before, it is old news.
"moving in the direction" is not the same as being there now.
It is not even known where there is or even if we will get there.
You can not protect your computer today with tools that will not be
available for a while.