Microsoft Adds Security Muscle

Computer giant adding security response and research operations around the world


That's a much-needed improvement. OneCare earlier this year failed an independent test in which Virus Bulletin, backed by a team of U.K.-based researchers, pitted 15 antivirus software packages against a series of viruses. OneCare didn't catch them all.

Although Microsoft's leaps in antivirus detection capabilities may be impressive, they alone are not enough. Today's threats are much broader and include zero-day vulnerabilities, targeted Trojan horses, remote breaches and data loss. Microsoft is far behind in offering protection against those threats, experts said.

"The problem is that Microsoft's functionality is limited in nature," said Natalie Lambert, a Forrester Research analyst. "If it's really concerned about today's emerging issues, enterprise will be better off with a full-suite product from the likes of McAfee, Symantec, and Sophos."

Marx also said that Microsoft lacks some key protection technologies.

"Microsoft has not even implemented an e-mail virus scanner in their OneCare product, not to speak about HTTP scanning or proactive detection technologies based on behavior analysis," Marx said. HTTP, or Hypertext Transfer Protocol, is used for Web browsing, and behavior-based detection is meant to catch new threats for which no signature exists.

Microsoft itself admits it isn't there yet.

"We're a credible voice in the industry, but we continue to have work to do in improving our response capacity and building out our global team," Miller said. "We're always under construction. The threat landscape is always changing, it is so quickly evolving. We're both built and under construction at the same time."

<<ZDNet News -- 04/27/07>>