Jim Allchin, group vice president of Microsofts Platforms Group, says todays anti-virus software isnt doing the job and shouldnt be the first line of defense against malicious software. During a wide-ranging interview at the WinHEC conference this week in Seattle, Allchin said hes noted a rise in the incidence of small attacks—perhaps targeted at only a few hundred computers—that anti-virus software doesnt catch.
Microsoft has tested computers infected with such malware and found it undetectable by current anti-virus software, including its own (not yet in commercial release). Further, because the attacks are so limited, the virus signatures may never be reported to anti-virus laboratories and thus never added to anti-virus applications.
Such attacks may be directed against specific companies with an economic motive and can have serious, long-term consequences. Allchin said protecting systems against these "undetectable" threats is a key part of Microsofts security strategy.
One way to do this is with systems better able to monitor themselves for suspicious activity. Another is to further reduce the "threat surface" available for criminals to exploit; Allchin did not elaborate on ways to reduce the threat.
I asked if the goal was to make anti-virus software—which has become quite an industry—unnecessary.
"No, but wed like to see it be more of an option" for customers, rather than a requirement, Allchin said.
A more challenging problem is presented by social-engineering attacks (phishing, for example), Allchin told me. The problem being that if customers want to follow a link contained in an e-mail, its almost impossible—and not even a good idea in many instances—to stop them.
We agreed, however, that e-mail and Web site authentication would be important steps in protecting users, though I got the idea that Allchin has other protection schemes in mind but isnt ready to discuss them.
On a security-related topic that concerns me more than most people, Allchin assured me that despite the globalized nature of Microsofts business, adequate protections were in place to ensure that no malicious code can be written into its software. I wont go into this in detail, except to say Allchin was willing to discuss how the companys code is protected in enough detail to allay my concerns about terrorists or others gaining access to it.
Allchin also responded to jabs Microsoft has been taking lately from Apple, which is set to introduce its new "Tiger" operating system on Friday.