• silicon.com
• Technology
• Software

By Joris Evers, 20 March 2006 09:10

NEWS

Windows Vista is being designed to shut the door on the scourge of spyware once and for all - but could therefore pose a threat to the anti-spyware industry.

The long-awaited successor to Windows XP will introduce important changes at the heart of the operating system, as well as to Internet Explorer, and include Windows Defender, an anti-spyware tool.

John Pescatore, an analyst with Gartner, said: "The spyware threat will definitely shrink or shrivel [as Vista gets adopted]. We got a handle on spam. It still gets through but it is such a small percentage now, we know how to deal with what gets through. That same thing will happen to spyware. It will be under control."

Every new version of Windows offers some security improvements but Vista more so, said Rob Enderle, an analyst with the Enderle Group. "Vista, because it was pretty much conceived during the toughest times for Microsoft with regards to malicious software, has the most protection in it compared to any of their platforms," he said.

Spyware and its less-noxious cousin adware are widely despised for their sneaky distribution tactics, unauthorised data gathering and slowing of PCs.

Though spyware has been able to haunt users of XP, it won't be as easy for miscreants to get their malicious software onto machines that run Vista, said Austin Wilson, a director in the Windows Client group at Microsoft.

He said: "We have taken out a significant number of the attack vectors that spyware authors use today. We're not saying that spyware will be gone because of Windows Vista. We do think we will make a significant impact."

Microsoft is taking a multi-pronged approach to fight spyware. Unlike XP, Vista will run by default with fewer user privileges. People will have to invoke full, "administrator" privileges to perform tasks such as installing an application.

Also, Internet Explorer 7, included with Vista, will prevent silent installs of malicious code by stopping the browser from writing data anywhere except in a temporary files folder without first seeking permission. Lastly, Windows Defender will clean up any infections that do make it through.

Wilson said: "It is three layers of protection."

While this may be good news for buyers of Vista, it is not for anyone who makes a living from selling anti-spyware software. The worldwide market has boomed recently, reaching $97m in revenue in 2004, up 240.4 per cent from a year earlier, according to IDC. However, companies such as Sunbelt Software and Webroot Software are in for tough times, analysts said.

Yankee Group analyst Andrew Jaquith said: "The aftermarket for Windows anti-spyware is going to dry up almost completely. Windows Defender is going to become the default anti-spyware engine, certainly for most consumers that have Vista machines."

Gartner's Pescatore agreed. "Integrating Windows Defender into Windows Vista is sort of the last nail into the standalone anti-spyware coffin," he said.

But the anti-spyware market won't disappear overnight. Vista will ship at the end of 2006, and users aren't likely to instantly buy a new PC or upgrade. Pescatore said: "You will have a two-to-three-year window before Vista has a major impact on anti-spyware."

Microsoft is also making security moves outside the anti-spyware space. The company is readying a consumer antivirus product called Windows Live OneCare and enterprise software called Microsoft Client Protection. Jaquith said: "The Windows security aftermarket has become too large for Microsoft to ignore it."

Consumers and small businesses will get their anti-spyware protection mostly from Microsoft and may also opt for the company's antivirus product, analysts predicted. However, larger organisations will look to their trusted antivirus software makers, such as McAfee, Symantec and Trend Micro, for protection, they said.

But not everyone agrees that Vista can make spyware disappear or that its arrival spells the end of the anti-spyware industry. David Moll, chief executive officer of Webroot, the largest standalone anti-spyware seller, said: "I think all of these operating system enhancements are going to be helpful in the battle on spyware. I don't think there is a silver bullet, though."

Gartner's Pescatore said: "It is going to remove the low-hanging fruit. It is going to make it that much harder for dumb spyware to work. What it will really do is start forcing the threats further up the food chain." Attackers will have to get smarter in fooling the user - what's called social engineering.

Microsoft's Wilson predicts a rise in phishing attacks, which seek to dupe users into giving up personal information by using fraudulent email messages and websites. He said: "The profit motive is always there. They are looking for the easiest way they can trick people to getting things on their machines. We have seen a transition from spyware to phishing."

Joris Evers writes for CNET News.com