Microsofts AntiSpyware Rebranded Windows Defender

The revamped anti-spyware product will be bundled into Vista with a new signature update mechanism and the ability to detect rootkits, keystroke loggers and other forms of malware.

Microsoft Corp.s Windows AntiSpyware technology has been renamed "Windows Defender" and has been expanded to detect and remove rootkits, keystroke loggers and other forms of malware.

The revamped application will be bundled into the Windows Vista operating system, but users will be free to choose a competing spyware protection product from a redesigned Windows Security Center.

Jason Garms, group program manager for Microsofts anti-malware technology team, made the announcement in a blog entry that also included confirmation that rootkit detection will be fitted into the product.

As previously reported, Microsoft will use rootkit detection technology from its Strider Ghostbuster research project.

Strider Ghostbuster is a prototype tool developed by Microsofts Cybersecurity and Systems Management Research Group.

/zimages/6/28571.gifClick here to read more about Microsofts rootkit detection technology.

"Our solution has really been about more than just the standard definition of spyware," Garms said.

"Weve always said we will provide visibility and control, as well as protection, detection and removal from other potentially unwanted software, including rootkits, keystroke loggers and more."

/zimages/6/28571.gifFor advice on how to secure your network and applications, as well as the latest security news, visit Ziff Davis Internets Security IT Hub.

"Making the engineering change from Windows AntiSpyware to Windows Defender took a lot of careful coordination across our team to ensure that the strings in the UI got changed, the help files all got updated, registry keys, file names and properties, as well as a couple of images all got changed," Garms said.

The revamped product will be fitted with a new user interface and a significant change to the way malware signature updates are delivered.

/zimages/6/28571.gifRead more here about Microsofts plans to bundle its anti-spyware software with Vista.

"The engine is now moved to a system service, and signatures are delivered over Windows Update. The detection mechanisms have also been radically improved by applying to spyware threats all the great detection technology we use in our anti-virus engine," Garms added.

Although the changes are being geared for Windows Vista, Garms said the enhancements will also be available to existing Windows XP users via a software refresh.

In Vista, users will be allowed to disable or turn off Windows Defender and install a third-party anti-spyware application.

The Vista Security Center will also be able to detect if an anti-spyware application such as Windows Defender is running and operating normally.

/zimages/6/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog.