Nearly four months after hiring Sony rootkit whistleblower Mark Russinovich, Microsoft has moved his company's software to its website and released a new Windows system tool that can help fight hackers.
Freeware to fight hackers
The freeware products, now known as Windows Sysinternals, were made available on Microsoft's website earlier this week. They are based on the code that Russinovich and Bryce Cogswell had been distributing on Sysinternals.com before Microsoft bought their company, Winternals Software, in July.
"The tools are the same as what was on the original sysinternal site with the exception of some updates and the release of Process Monitor," Russinovich said in an email interview. Process Monitor is new software, based on code from two Sysinternals tools, which keeps track of activity on the Windows file system and registry and is designed to help Windows administrators with troubleshooting and malware detection.
Russinovich and Cogswell founded Winternals in 1996, and have since produced a number of widely used system-recovery and performance-tuning products.
Russinovich made international headlines last November after he discovered that copy protection software that Sony had been distributing with millions of CDs was cloaking itself using undetectable 'rootkit' software. Sony was ultimately forced to recall the affected CDs after hackers began using the rootkit to hide malicious code.
Russinovich's popular blog, along with his original posting on the Sony rootkit, has been moved to Microsoft's Technet website.
One aspect of the Sysinternals.com site that did not survive the transition to Microsoft is the free source code that Cogswell and Russinovich had made available for some of their tools.
These tools were not downloaded often, however, Russinovich said. That fact, "combined with the Microsoft requirement of having all published source scrubbed for security and compatibility issues", drove the decision not to move it forward, he said.