Microsoft Proposes Continued Innovation and Change in Face of Evolving Malicious Software Threats

NICE, France — Oct. 24, 2006 — In his keynote address at the RSA Conference Europe 2006, Microsoft Corp. Security Technology Unit Corporate Vice President Ben Fathi discussed the evolution of the computing ecosystem and malicious software landscape, and called on the IT security industry to team with Microsoft in investing in continued innovation to keep pace with ever-evolving threats. Fathi described Microsoft’s ongoing investments to enable a trust ecosystem, pointing to security advancements in the forthcoming release of Windows Vista™ as an important opportunity for the industry to become more proactive in its aim to provide users with a safer computing experience. Specifically, Fathi announced milestones toward this goal, including the availability of Microsoft® Certificate Lifecycle Manager beta 2, a digital certificate and smart cards management solution; the general availability of Windows® Defender, a free anti-spyware solution; and the availability of the Sender ID Framework specification for e-mail authentication under Microsoft’s Open Specification Promise (OSP).

“As threats continue to evolve and computing advances, we need an environment that engenders trust and accountability,” Fathi said. “To help protect customers and ensure the long-term success of the computing ecosystem, the industry must embrace change and innovation.”

An Evolving Threat Landscape, an Industry at a Crossroads

Fathi opened by outlining how the evolving threat landscape requires new thinking about how to make operating systems more secure and reliable. To illustrate, he referred to the new “Microsoft Security Intelligence Report,” which found that threats against consumers and businesses are becoming more targeted and motivated by financial gain, with backdoor Trojans and bots continuing to make up a significant percentage of the malicious software detected by Microsoft anti-malware offerings. The report also found that social engineering continues to be a popular means of spreading malware, especially when sent over e-mail and peer-to-peer networks, and that rootkits are likely to continue to be popular for targeted, stealth intrusions. Data from several customer-focused Microsoft products and services were used to compile the information provided in this report, which is available at

Fathi also made known that as part of the Microsoft Security Response Alliance, Microsoft plans to develop a malware sample sharing program for security ISVs. The program will further enable the industry to work closely together on the protection of mutual customers as the threat landscape continues to evolve.

In the face of evolving threats, Fathi asserted that the industry is at a crossroads where, due to processor innovations and the decreasing cost of 64-bit processors, 64-bit computing is on the horizon as the next significant PC computing architecture. He emphasized that Microsoft and the worldwide IT security industry — including platform providers, hardware manufacturers and security independent software vendors — needs to invest in continued innovation to keep pace with the threats.

To fully support the evolving ecosystem, Fathi said the security industry must build more innovative security solutions than it did in the past to help protect customers. As a first step, he described how Microsoft has improved the security, reliability and integrity of the Windows kernel through innovative technologies such as Kernel Patch Protection in 64-bit environments, including Windows Vista, to provide greater stability, protection and defense against malicious threats. Kernel Patch Protection raises the bar for security and also provides a significant opportunity for the security industry to extend this work by designing next-generation security solutions.

Fathi reaffirmed Microsoft’s commitment to continuing to work with security partners to provide the kernel functionality they need, beyond what is available today in Windows XP and Windows Vista, without bypassing Kernel Patch Protection.

A white paper detailing Kernel Patch Protection in Windows Vista is available at

The Need for a Trust Ecosystem

Fathi discussed how the opportunity facing the industry at this inflection point is crucial to enabling and sustaining a healthy computing ecosystem. He expanded on the need to enable a trust ecosystem, a principle Microsoft Chairman Bill Gates first discussed at the RSA Conference 2006 U.S. in February. A “trust ecosystem” is an environment that engenders trust and accountability between code, people, organizations and devices. Fathi highlighted several milestones that help support the four elements of a trust ecosystem:

  • Code. He announced the general availability of Windows Defender, a free, easy-to-use anti-spyware solution that helps consumers stay productive by providing protection against pop-ups, slow performance and security threats caused by spyware. Available today in English to Windows XP customers, Microsoft expects to release Windows Defender in other Windows-supported localized languages over the coming weeks, and it will be included as part of the Windows Vista operating system when it is made available in January.

  • People. Fathi announced the availability of Microsoft Certificate Lifecycle Manager (CLM) beta 2, a solution that can help lower the costs associated with digital certificates and smart cards by enabling organizations to more efficiently maintain a certificate-based infrastructure. CLM simplifies administrative processes, providing easy deployment with no additional development required, and the flexibility of both centralized and self-service management. CLM beta 2 is available for public download and evaluation at In related news, Gemalto, a leading smart card vendor, today announced support for CLM through integration with its Microsoft .NET smart cards. Fathi also pointed to plans for releasing Windows CardSpace (formerly “InfoCard”) in Windows Vista. Windows CardSpace is a digital identity technology for simplifying and improving the safety of accessing resources and sharing personal information on the Internet.

  • Organizations. The Sender ID Framework specification for e-mail authentication is now available under Microsoft’s OSP, an irrevocable promise to every individual in the world so they can make use of the covered Microsoft technology easily and for free. After nearly two years of worldwide deployment to over 600 million users and protection for more than 5 million domains worldwide, Sender ID already enjoys broad industry support. The application of the OSP will promote further industry interoperability by making the e-mail authentication framework more broadly available to the entire Internet ecosystem including customers, partners, Internet service providers, registrars and the developer community no matter what model they use — commercial, open source or academic.

  • Devices. Fathi referenced Microsoft Network Access Protection, a policy enforcement platform built into the Windows Vista and Windows Server® code-named “Longhorn” operating systems that enables organizations to better control access to network assets by enforcing compliance with system health requirements. The recently announced interoperability architecture between Microsoft Network Access Protection and Cisco Network Admission Control is an important milestone in an ongoing relationship between the two industry leaders.

Fathi also noted that in the first four days after its release in English, more than 3 million people downloaded Internet Explorer® 7, which provides advanced safeguards that help protect against malicious software and phishing attacks. In Internet Explorer 7, Microsoft has helped reduce the exposure to these attacks by fortifying the browser itself and providing better information to users to assist them in making better and safer decisions online. Internet Explorer 7 will be made available in many European languages starting next week. Microsoft encourages customers to download the browser at and accept the installation when they see the option on Automatic Updates.

Industry Call to Action

Fathi closed by calling on the industry to take advantage of the evolution of the Windows platform and the security, privacy, reliability and performance benefits of 64-bit architecture to build greater user trust in computing.

“Security threats and the IT landscape are changing with dramatic speed, requiring bold thinking from the security industry. Sophos has a 20-year history of protecting against known and unknown threats, embracing innovation, and welcoming more secure environments such as Windows Vista,” said Steve Munford, CEO of Sophos Plc. “We have engineered our best-of-breed solutions to take advantage of OS progress and create a universal client to deliver a comprehensive security platform for business.”

Fathi noted that Microsoft cannot take the next step alone, that such an opportunity to drive security innovation forward only presents itself every few years, and that the collective industry would be remiss to not capitalize on it for the benefit of customers and the PC ecosystem. Finally, he stressed Microsoft’s commitment to working with partners on ways to enhance the platform and provide greater opportunity for all software providers to build new and innovative solutions for their mutual customers.

Founded in 1975, Microsoft (Nasdaq “MSFT”) is the worldwide leader in software, services and solutions that help people and businesses realize their full potential.

Microsoft, Windows Vista, Windows, Windows Server and Internet Explorer are either registered trademarks or trademarks of Microsoft Corp. in the United States and/or other countries.

The names of actual companies and products mentioned herein may be the trademarks of their respective owners.

Note to editors: If you are interested in viewing additional information on Microsoft, please visit the Microsoft Web page at on Microsoft’s corporate information pages. Web links, telephone numbers and titles were correct at time of publication, but may since have changed. For additional assistance, journalists and analysts may contact Microsoft’s Rapid Response Team or other appropriate contacts listed at

Related Posts