MS Takes Minority Stake in Finjan Software

Microsoft has inked a patent licensing deal and acquired an equity stake in an Internet security startup it has been at odds with in the past over vulnerability disclosures.

Microsoft has acquired a minority stake in Finjan Software, an Internet security firm with which it has had a contentious relationship.

Financial terms of the transaction and the size of Microsoft Corp.s equity stake were not released. The deal was part of a non-exclusive patent licensing agreement that lets Microsoft use select Finjan Software Inc. patents covering computer security technologies.

Company executives on both sides declined to discuss the value of the deal or the specific patents being licensed.

"Its for a broad range of our security patent portfolio," said Finjan Chief Executive Asher Polani.

In an interview with Ziff Davis Internet News, Polani said Finjans patents cover a wide range of proactive, behavior-based technologies.

"Our technology provides understanding for zero-day defenses against the big threats: spyware, malware, viruses and Trojans," he said.

A spokesperson for Microsoft described the deal as "another proof point in Microsofts commitment to respecting the intellectual property of others."

She said the agreement is similar to other licensing deals recently announced by the Redmond, Wash.-based software vendor, adding, "It underscores [Microsofts] focus on licensing IP as an essential part of maintaining a healthy cycle of innovation in the IT industry."

The decision to take an equity stake in Finjan comes on the heels of public bickering between the two companies over the responsible disclosure of security vulnerabilities.

/zimages/4/28571.gifClick here to read more about the conflict between Microsoft and Finjan over security disclosures.

Last November, Finjan released an alert warning that attackers could "silently and remotely" hijack Windows XP Service Pack 2 machines because of "major flaws" that compromise end-user security.

Finjan said full technical details of the vulnerabilities—including proof-of-concept code—were given to Microsoft, but the software giant reacted by suggesting that the Finjan warning was overblown.

"Our early analysis indicates that Finjans claims are potentially misleading and possibly erroneous regarding the breadth and severity of the alleged vulnerabilities in Windows XP SP2," a Microsoft spokesperson said at the time.

The spokesperson continued, "[We encourage] Finjan to abide by the principles of responsible disclosure and to decline to provide further comment or details on the alleged vulnerabilities until Microsoft is able to complete its investigation and can respond properly to protect customers."

When told that Microsoft was discounting the severity of his companys claims, a senior Finjan executive retorted: "These are not theoretical assumptions. These findings are based on code implementing each and every one of those 10 vulnerabilities."

/zimages/4/28571.gifClick here to read about Microsofts beta test of Windows AntiSpyware.

Microsoft isnt the only third-party vendor with a minority stake in Finjan. Last June, Cisco Systems Inc. led a $10 million round of financing for the San Jose, Calif.-based security start-up. Benchmark Capital, Bessemer Venture Partners and Israel Seed Partners also participated in the round.

Just last week, Finjan fired its CEO Shlomo Touboul and appointed Polani, a former Hewlett-Packard Co. executive, in his place.

/zimages/4/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog.