TECH ED - Malware's commercialisation drives security

As long as there's money to be made, computer security will be an issue, panelists at the Microsoft TechEd 2006 conference said Tuesday.

They said security remains a problem because of commercial incentives to build malicious software, but progress is being made and the fight will continue.

"The biggest trend I think we hear talked about is the move toward kind of commercial malicious software," such as spyware and software to harvest passwords, said Adam Overton, a group manager on the Microsoft Antimalware Team. The chance for monetary gain means there will be a lot more of this software, he said.

Other panelists agreed. "There's a growing trend on getting on a machine and staying [stealth] on the machine," so people cannot detect that the software is there, said Mark Russinovich, chief software architect and co-founder of Winternals Software.

Responding to a question on the perception that malicious software is Microsoft's fault, Matthew Braverman, also a program manager for Microsoft's Antimalware Team, cited social engineering as a cause of attacks. These attacks can enter a system through e-mail, Instant messaging, or peer-to-peer networking. Social engineering, added Russinovich, tries to get people to consent to having malware installed on their machines.

Malware, he said, will be adapted to live in a limited environment, not needing a rootkit, for example.

Despite the dire predictions of security remaining an issue, panelists noted progress and cited solutions. Offline scanning, for example, is an effective tool for a system infected with a rootkit, Braverman said.

Companies, meanwhile, need to enforce restriction policies on software being installed on their computers, Russinovich said. "The trend that I see here in a corporate environment is the only way to really remain safe is to enforce application execution policy across your desktops," said Russinovich. He acknowledged his company offers products for this purpose and that his remarks may be viewed as self-promoting.

Microsoft's Antimalware Team recognizes that given the amount of malware existing, it is not feasible to look into every variant. For example, the company has seen 2,000 variants of the Win32/Rbot per month, Braverman said. But Microsoft is working on signatures to combat Rbots.

Fighting malicious software is a battle that can be won, said Christopher Budd, a Microsoft security program manager. Braverman added that progress is being made but more needs to be done. The company is seeing an average decrease of malware variants that it knows about, he said. Tools available are having an impact, he said.

Malware authors, meanwhile, are being forced into a smaller box, Russinovich said. "Before, they could write whatever kind of crap and it would detect people's machines," Russinovich said. "Now, that's becoming much more difficult."

The panel session at TechEd occurred on the same day Microsoft released its largest collection of security patches in a year.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Paul Krill

Show Comments

Father’s Day Gift Guide

Brand Post

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Luke Hill


I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Laura Johnston

MSI GS65 Stealth Thin

If you can afford the price tag, it is well worth the money. It out performs any other laptop I have tried for gaming, and the transportable design and incredible display also make it ideal for work.

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?