We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Microsoft tests antivirus product

'Behaviour blocker' features automatic updates, intrusion detection and prevention

Microsoft is alpha-testing an upcoming antivirus product, according to industry sources. They claim the antivirus software works as a "behaviour blocker" that monitors different events and actions on computers. If the event or action is typical of virus or is harmful, it will be prevented.

Behavior blockers do not use code signatures like traditional scanner-based antivirus programs, so they may be able to protect against new types of viruses without being updated – an important consideration for Microsoft.

The antivirus product was also referred to as an intrusion detection and protection system by sources, indicating that it may work in conjunction with the Windows Firewall.

An interesting feature of Microsoft's antivirus software is that it is distributed – it communicates with other machines over a secure channel and learns from them. More details on this capability are not currently available.

Alpha-quality software is not yet ready for release; it is typically not feature-complete and may still have significant bugs. Microsoft has repeatedly said security is a primary focus of future products, including the upcoming Windows update, Longhorn.

Earlier press reports quoted Microsoft's technical head of security in France, Nicolas Mirail, as having shared details of the new program. According to Mirail, the program will reference a regularly updated list of known viruses to check for infections. It will also analyse computers to see if they have been infected by viruses in the past, and attempt to advise users on how big a risk they stand in the future.

In 2003, Microsoft bought Romanian antivirus vendor GeCAD and Pelican Security Software, which makes behaviour blocking software. Technology from both companies will be incorporated in the new antivirus product. The release date is not yet known.

Microsoft New Zealand's communications manager, Carol Leishman, declines to comment on specific details about the new antivirus offering, but confirms that a product is in the works.

"When we bought GeCAD last year, Microsoft said it would provide (antivirus) services and engines," she says.

Leishman says a Microsoft study revealed that around 63 percent of users either didn't have an anti-virus installed, or didn't keep installed ones up-to-date. Hinting that behaviour blocking is indeed built into the new AV product, Leishmann says it will have "sandboxing that protects the system before infection."


IDG UK Sites

Windows 9 release date, price, features: Videos leak as Microsoft sets 30 September unveiling

IDG UK Sites

Why local multiplayer gaming is rapidly vanishing: we look at the demise of split-screen and LAN...

IDG UK Sites

IBC 2014 news: video post, CG and VFX news from Adobe, Blackmagic, Eyeon and more

IDG UK Sites

Retina MacBook Air release date rumours and specs: Gold 12in Retina MacBook Air almost 1cm thinner...