Kaspersky Ships Vista AV SupportBy Matt Hines | Posted 2006-12-29 Email Print
Re-Thinking HR: What Every CIO Needs to Know About Tomorrow's Workforce
The anti-virus specialist offers support for Microsoft's new operating system, the very same product that some people believe will put increased pressure on Kaspersky's entire business.
Software maker Kaspersky Lab has released its initial anti-virus products that support Microsoft's new Vista operating system.
Shipped on Dec. 28, the software is a beta version of a maintenance update for Kaspersky's Anti-Virus 6.0 and Internet Security products that includes the new support for Vista, which was introduced by Microsoft in mid-November 2006.
While the first Vista-oriented products built by Kaspersky, which has its headquarters in Moscow, Russia, cover the company's consumer-oriented technologies, the firm is in the process of creating versions of its enterprise security applications that will be tailored to work with the Microsoft OS. Kaspersky has yet to disclose publicly an official date when those products will arrive.
Built with a number of security tools onboard, including anti-virus capabilities, some industry watchers have predicted that the arrival of Vista will make it harder for mid-tier software makers such as Kaspersky to compete, as Microsoft's entry to the market will also push industry leaders Symantec and McAfee to cut pricing for their own applications.
Company executives said that despite those perceptions, it is still vitally important for Kaspersky to offer alternatives for customers who want to adopt the Vista OS.
"Many of our users have expressed interest in Vista, and we are providing a clear path for them to do so securely with Kaspersky," said Steve Orenberg, president of Kaspersky, in a statement. "Customers can confidently continue to enjoy the response time and protection from Kaspersky regardless of which operating system they choose."
The company's Anti-Virus 6.0 release offers protection against a wide range of malware attacks, while the Internet Security package features additional defense against adware, spam and hacker intrusions.
Thus far Vista has been unable to avoid some of the same types of security issues as its predecessor, Windows XP, despite significant efforts on the part of Microsoft to ship the OS with fewer code vulnerabilities than its previous products.
In mid-December, members of a Russian hacker forum issued proof-of-concept exploit code for a privilege escalation vulnerability affecting all versions of Windowsincluding Vista, forcing Microsoft to activate its emergency response process.
Officials with Microsoft's Security Response Center confirmed that the company is "closely monitoring" the public posting, which first appeared on Dec. 15. It affects "csrss.exe," which is the main executable for the Microsoft Client/Server Runtime Server.
According to subsequent posts on several security mailing lists, the vulnerability is caused by a memory corruption when certain strings are sent through the Microsoft products' MessageBox API.
Kaspersky has a long history of helping to root out Windows attacks emerging from its Russian homeland. Back in December 2005, researchers at the company's Moscow labs were also the first to find evidence that the exploit code used in the WMF (Windows Metafile) attack was being peddled by Russian hacker groups for $4,000.
Next Page: Exploits.
In related news, it was recently reported by Kaspersky rival Trend Micro that underground hackers are already hawking zero-day exploits for Vista at a price of $50,000 per vulnerability. That Windows Vista exploitwhich has not been independently verifiedwas just one of many zero-days available for sale at an auction-style marketplace infiltrated by the Tokyo-based anti-virus vendor, according to researchers at Tokyo, Japan-based Trend Micro.
Some experts have said that companies such as Kaspersky and Trend, that primarily provide anti-virus technologies, will see pricing for their products erode as end users adopt Vista and gain access to other new Microsoft security products, including its own malware-fighting tools. However, analysts said that development shouldn't come as a surprise to the AV players as Microsoft's entry to the market has been on the horizon for some time.
John Pescatore, analyst with Stamford, Conn.-based Gartner said that the packaged security products offered by Symantec and McAfee, along with the arrival of Microsoft's integrated technologies, have made it almost impossible to survive on AV alone.
Orenberg, president of Kaspersky's U.S. unit, said he expects the price war to escalate even more in the coming months as Microsoft puts even more pressure on Symantec, McAfee and Trend Micro to cut pricing to maintain market share.
If you go into any of the major retail stores, you see the usual suspects on the shelf, and they're all going after the lowest common denominator. Over the last few years, the list price has gone down and down and down. Now that Microsoft is coming in even lower, it will get crazier," Orenberg said in a recent interview.
He said that Kaspersky will instead attempt to buck the pricing trend and aim its products at educated customers who he said are less likely to put their security in Microsoft's hands.
Natalya Kaspersky, chief executive of the AV specialist, said customers are unwilling to trust Redmond, Wash.-based Microsoft based on the sheer volume of security-related problems in Windows and its other products.
In a presentation to members of the media at the company's headquarters in mid-December, she said the security industry has seen nothing to suggest that Microsoft would be able to dominate the anti-malware market with the same ease as it has been able to dominate the OS space. Kaspersky specifically cast doubts on Microsoft's ability to successfully market its OneCare PC security maintenance service.
"Microsoft still does not have a good reputation in this area. By default, Microsoft solutions are perceived as being insecure or full of security loopholes," Kaspersky said.
"Given this, I am afraid that Microsoft's new anti-virus solutions may suffer the same fate; virus writers will create malware that is designed primarily to evade detection by OneCare."