Kaspersky Ships Vista AV Support

 
 
By Matt Hines  |  Posted 2006-12-29
 
 
 

Kaspersky Ships Vista AV Support


Software maker Kaspersky Lab has released its initial anti-virus products that support Microsofts new Vista operating system.

Shipped on Dec. 28, the software is a beta version of a maintenance update for Kasperskys Anti-Virus 6.0 and Internet Security products that includes the new support for Vista, which was introduced by Microsoft in mid-November 2006.

While the first Vista-oriented products built by Kaspersky, which has its headquarters in Moscow, Russia, cover the companys consumer-oriented technologies, the firm is in the process of creating versions of its enterprise security applications that will be tailored to work with the Microsoft OS. Kaspersky has yet to disclose publicly an official date when those products will arrive.

Built with a number of security tools onboard, including anti-virus capabilities, some industry watchers have predicted that the arrival of Vista will make it harder for mid-tier software makers such as Kaspersky to compete, as Microsofts entry to the market will also push industry leaders Symantec and McAfee to cut pricing for their own applications.

Company executives said that despite those perceptions, it is still vitally important for Kaspersky to offer alternatives for customers who want to adopt the Vista OS.

"Many of our users have expressed interest in Vista, and we are providing a clear path for them to do so securely with Kaspersky," said Steve Orenberg, president of Kaspersky, in a statement. "Customers can confidently continue to enjoy the response time and protection from Kaspersky regardless of which operating system they choose."

The companys Anti-Virus 6.0 release offers protection against a wide range of malware attacks, while the Internet Security package features additional defense against adware, spam and hacker intrusions.

Thus far Vista has been unable to avoid some of the same types of security issues as its predecessor, Windows XP, despite significant efforts on the part of Microsoft to ship the OS with fewer code vulnerabilities than its previous products.

Read more here about Vista exploits.

In mid-December, members of a Russian hacker forum issued proof-of-concept exploit code for a privilege escalation vulnerability affecting all versions of Windows—including Vista, forcing Microsoft to activate its emergency response process.

Officials with Microsofts Security Response Center confirmed that the company is "closely monitoring" the public posting, which first appeared on Dec. 15. It affects "csrss.exe," which is the main executable for the Microsoft Client/Server Runtime Server.

According to subsequent posts on several security mailing lists, the vulnerability is caused by a memory corruption when certain strings are sent through the Microsoft products MessageBox API.

Kaspersky has a long history of helping to root out Windows attacks emerging from its Russian homeland. Back in December 2005, researchers at the companys Moscow labs were also the first to find evidence that the exploit code used in the WMF (Windows Metafile) attack was being peddled by Russian hacker groups for $4,000.

Next Page: Exploits.

Exploits


In related news, it was recently reported by Kaspersky rival Trend Micro that underground hackers are already hawking zero-day exploits for Vista at a price of $50,000 per vulnerability. That Windows Vista exploit—which has not been independently verified—was just one of many zero-days available for sale at an auction-style marketplace infiltrated by the Tokyo-based anti-virus vendor, according to researchers at Tokyo, Japan-based Trend Micro.

Some experts have said that companies such as Kaspersky and Trend, that primarily provide anti-virus technologies, will see pricing for their products erode as end users adopt Vista and gain access to other new Microsoft security products, including its own malware-fighting tools. However, analysts said that development shouldnt come as a surprise to the AV players as Microsofts entry to the market has been on the horizon for some time.

John Pescatore, analyst with Stamford, Conn.-based Gartner said that the packaged security products offered by Symantec and McAfee, along with the arrival of Microsofts integrated technologies, have made it almost impossible to survive on AV alone.

Orenberg, president of Kasperskys U.S. unit, said he expects the price war to escalate even more in the coming months as Microsoft puts even more pressure on Symantec, McAfee and Trend Micro to cut pricing to maintain market share.

If you go into any of the major retail stores, you see the usual suspects on the shelf, and theyre all going after the lowest common denominator. Over the last few years, the list price has gone down and down and down. Now that Microsoft is coming in even lower, it will get crazier," Orenberg said in a recent interview.

He said that Kaspersky will instead attempt to buck the pricing trend and aim its products at educated customers who he said are less likely to put their security in Microsofts hands.

Natalya Kaspersky, chief executive of the AV specialist, said customers are unwilling to trust Redmond, Wash.-based Microsoft based on the sheer volume of security-related problems in Windows and its other products.

In a presentation to members of the media at the companys headquarters in mid-December, she said the security industry has seen nothing to suggest that Microsoft would be able to dominate the anti-malware market with the same ease as it has been able to dominate the OS space. Kaspersky specifically cast doubts on Microsofts ability to successfully market its OneCare PC security maintenance service.

"Microsoft still does not have a good reputation in this area. By default, Microsoft solutions are perceived as being insecure or full of security loopholes," Kaspersky said.

"Given this, I am afraid that Microsofts new anti-virus solutions may suffer the same fate; virus writers will create malware that is designed primarily to evade detection by OneCare."

Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Ryan Naraines eWEEK Security Watch blog.

Rocket Fuel