New details have come to light about Microsoft’s new anti-virus service. The details came from an executive at MS’s French headquarters, and feature information unconfirmed by US sources.
The anti-virus product will be a stand-alone package based on tools acquired from Microsoft’s recent acquisitions of GeCad and Pelican Software. The software will work in two ways: the first component will use a regularly updated virus definitions database to identify viruses by a unique signature.
This method is used by almost all anti-virus packages in the market today – each virus and its variants have a unique sequence of bytes that can be spotted by scanning memory and hard-drives. This method is only effective against new viruses if the database is updated regularly to feature newly discovered “fingerprints”, otherwise infection can still take place.
The second ant-virus measure scans for previous infections and provides a risk assessment for users. It’s not yet clear if the package will provide system scanning to halt suspicious behaviour, such as bypassing the operating system to write to disk or accessing email address books, which will prevent unknown viruses wreaking havoc.
Given that Microsoft estimates that two out of three computer users do not have up-to-date anti-virus software, this could be a very lucrative move. According to anti-virus specialists Sophos, 4,677 new virus were reported in the first six months of 2004.