Microsoft® Windows AntiSpyware (Beta)

XCommand

File Name: MicrosoftAntiSpywareInstall.exe
Download Size: 6385 KB
Date Published: 1/7/2005
Version: Beta

http://www.microsoft.com/downloads/details.aspx?FamilyID=321cd7a2-6a57-4c57-a8bd-dbf62eda9671&DisplayLang=en

Finally,Now we are all safe and protected

Computer_Wizz_Pizzaguy

Any word on effectiveness?

/usr

Finally,Now we are all safe and protected

You mean they're telling us to quit using Windows all together?

/usr

Slashdot reported that it was supposed to be good, possibly better than Spybot and Ad-Aware. However, they said it was still buggy (surprise) and possibly a subscription based tool (another surprise).

In other words, we pay Microsoft to "fix" the problems that Microsoft caused in the first place.

I'll pass.

RussS

Interesting but fairly predictable slant on this /usr.

It is easy to slag off at MS as they are the acknowledged market leader. However it really makes me laugh when I see people bagging MS for having an insecure operating system because in all honesty ALL OS are full of holes. That is a fact of life.

Install the latest *nix OS today and then see how many patches have to be installed

The main reason people target MS and MS products is because most of the world uses their products - THAT makes them a better target for mayhem, because it will effect far more people. Now that many people are starting to try different versions of *nix and using other browsers such as Firefox, Nutscrape or Opera you will find that more script kiddies will start to look at them as an attractive target. Hence the increase in viruses being reported for *nix systems.

/usr

Though I do agree with you somewhat, I can't help but hesitate to jump on that bandwagon.

MS is notorious for letting known problems go unpatched, releasing extremely buggy software, and basically ignoring security all together. Granted, any OS can be exploited, but that doesn't mean that MS is simply because it's the most widely used.

Webmaster

I try to stay away from anti-MS discussions since the last great war about 10 years ago (Novell vs MS), because it is usually all cliches. In which there is often very little truth (MS didn't cause spyware though, it existed on Unix and VMS before Windows was even born). But I agree with Russ, it is easy to bash MS while in fact they provide very decent products. It is usually the incompetence of the 'user' (admins) that make MS systems vulnerable by either not updating/patching frequently or by not using the full capabilities of the products. Clearly Windows Automatic Updates and SUS improved the situation a lot.

MS is notorious for letting known problems go unpatched, releasing extremely buggy software, and basically ignoring security all together.

Only amongst *nix-fans. I've deployed over a hundred MS servers including various back office products and not one of them was 'extremely' buggy or even close to unstable. Especially that last part of your sentence is incorrect. AntiSpyware is an example of that but try the MS site and you'll see how concerned with security they really are (though this definitely hasn't always been the case).

RussS wrote:

Install the latest *nix OS today and then see how many patches have to be installed

Try that including apache, mysql, php, sendmail, hosting appliance software, forums (Santa.A last Christmas), and lots of other software running on a typical webserver and it will exceed the required amount of updates for a Windows 2003 Web Edition running IIS. If *nix would be

Please don't take the following the wrong way: I realize that your CEH studies probably didn't do much good for your opinion about MS but much of the material in the CEH guide that relates to Windows is outdated or the corresponding tools have little effect on a hardened Windows 2000 or 2003 system today. (An easy example is the Ping of Death which has no effect on a plain windows box since NT 4 SP2 (or close).) MS cleaned up their act a lot since those days. And as long as there is no better alternative (not just in terms of security) people will keep using MS products (and paying those ridiculously priced licenses). And as long as that is the case, you will probably be better off learning how to increase the security of a MS system (by learning MS products or third-party if you prefer) and offering that as an alternative when you penetrate another vulnerable MS network, instead of complaining without offering a workable alternative.

Regardless, I'm not interested in the AntiSpyware 'beta' (at least not in production environment), and I wouldn't take my money to a bank running MS systems either

fondue

Regardless, I'm not interested in the AntiSpyware 'beta' (at least not in production environment), and I wouldn't take my money to a bank running MS systems either

You might find this a little suprising, most of the newer automated teller machines, the other ATM, that give you the vibrant colorful ads run on Microsoft. Prior to that they ran OS/2 Warp.

It's nice to see MS attempting to assist the masses with spyware control. I'm willing to bet 70% of broadband PC's are infected with something. If home users weren't such cheapskates you could make good money cleaning their PC's.

RussS

fondue wrote:

If home users weren't such cheapskates you could make good money cleaning their PC's.

I do make good money cleaning PCs for home users

Webmaster

fondue wrote:

Regardless, I'm not interested in the AntiSpyware 'beta' (at least not in production environment), and I wouldn't take my money to a bank running MS systems either

You might find this a little suprising, most of the newer automated teller machines, the other ATM, that give you the vibrant colorful ads run on Microsoft. Prior to that they ran OS/2 Warp.

Well, it was just a matter of speech. I read an article in a magazine once about atm manufacturers pushing windows at banks and the concerns that raised. I didn't realize they won that too, I always thought it was proprietary software from NCR, but nothing surpises me anymore since I noticed our DVD-o-mat runs on Novell. I'll guess I'll drive a block extra for the IBM atm then.

Ricka182

Webmaster wrote:

I always thought it was proprietary software from NCR.....

NCR...Nooo!!!!!! Please don't mention my work, I come here to escape the bastards.... NCR makes the machine itself, and assists with proper software development. They have a license to modify WinCE for many of their in-house apps, and services, including what you see at the ATM..... except for the account who still uses Win3.1

Webmaster

Sorry about that, didn't mean to mention your employer, especially not on Saturday.

Ricka182

Webmaster wrote:

Sorry about that, didn't mean to mention your employer, especially not on Saturday.

One of the few I don't have to work on, like the next two...

/usr

Here's a nice little article. Looks like I'm not the only one who sees through Microsoft's BS.

http://www.securityfocus.com/columnists/289

RussS

Interesting article, but very much the same trend of thinking that happened when IE came along with Windows 9X. That was what 10 years ago? And they still are not charging for it like all and sundry were claiming they would.
Shoot I hate standing up for MS all the time, but in all honesty I have to admit that no matter what faults they have, they do make a reasonable widget. Never in a thousand years would I put any of the *nix variants out as a desktop OS as they are just not user friendly enough. I enjoy screwing around with them at home, but when it comes to my main PC it is XP customised for my preferences.

/usr

You're exactly right, but those facts don't make MS secure. They also do not mean we shouldn't be this critical of MS or blame MS for the majority of these problems.

Webmaster

Here's a nice little article. Looks like I'm not the only one who sees through Microsoft's BS.

It is easy to find articles with almost subjective opinions about the evil MS empire and their evil ruler Bill Gates. In most cases they contain a lot of cheap shots that have been made many times before in the past, since MS became successful (as in more succesful than others).

I'm not a huge fan of MS in particular, but I'm neither a fan of kicking against MS just because they earn a load of money or the logical fact that anything created by their human hands can and will always be broken by others (which isn't as easy as some people make it sound). So let's try once more to spread some MS-love to reduce the imbalance caused by a decades old biased MS-hate trend

/usr wrote:

You're exactly right, but those facts don't make MS secure. They also do not mean we shouldn't be this critical of MS or blame MS for the majority of these problems.

Nor do those facts make MS any less secure than any other product or vice versa. Nobody ever claimed MS was secure in such a way that it would be completely invulnerable. And I think everyone nowadays agrees we should be critical when it comes to security, especially considering the costly licenses we pay for those user-friendly products. Security has been secondary to functionality for long, but that is changing already. But blaming MS for the 'majority of these problems'... There wouldn't be any less spyware/malware if Novell Netware, MAC OS, or *nix would produce the most widely used software. The success of the internet and communication means such as e-mail is inheritely the reason, not one particular software producer. (That, and the victims themselves for downloading from illegal MP3 and warez sites, or opening attachments from unknown senders. )

As the author of the article mentioned, MS 'helped' create the epedemic. That doesn't mean MS is so evil they deliberately create holes in their software, or even slightly ignore the issues, so they can profit from something like spyware (are you really suggesting that?). Here's a quote from Brian Valentine, the Senior Vice President at MS in charge of a development team (source: Sybex Security+ book):
"Every operating system system out there is about equal in the number of vulnerabilities reported" He went on to say, "We all suck."

/usr

so they can profit from something like spyware (are you really suggesting that?)

Are you actually suggesting that Microsoft is above it? Corporations have been involved in far shadier things and I wouldn't put it past MS. They have shown their greedy side in the past. I'm not saying it's true or false, but by the looks of that sentence, you're suggesting that it could never happen.


*I didn't mean for this to come across as an annoyed response to your post, it most certainly wasn't. I'm also backing out of this thread, because I keep turning it into something other than a discussion on Microsoft's Anti-Spyware tool.

RussS

I don't think that Johan is suggesting anything - except for the one obvious fact ... Windows OS and other Microsoft products are constantly attacked and exploits are readily found and reported - Mostly because Microsoft is the big boy on the block and people want to do anything to bring them down to the lowest common denominator.

Rustys factoid - each and every operating system out there has serious vunerabilities. Our job is to manage those and to patch as and where necessary. You will also find that just about every other program out there has lots of bugs too - unfortunately (or is that luckily), they do not get the attention MS products do.

strauchr

MS doesn't make computers insecure....people do.

I think its quite humerous when bashing popular products. The most popular car here in Australia is also the most stolen car which somehow equates to it being the most unsecured car. Does anyone in the media think logically??

And as far as support goes MS provides better support for their products than any other software I have worked with. To numerous to name but someone may be able name a software product that is supported well.

This anti-spyware software they are offering is just another way MS are trying to improve their products for their customers - why is that a reason to insult them rather than to praise them?

fondue

strauchr wrote:

I think its quite humerous when bashing popular products. The most popular car here in Australia is also the most stolen car which somehow equates to it being the most unsecured car. Does anyone in the media think logically??

Well said.
I've been a mixed MS / linux admin for years and I believe the MS patching support is better then linux. For $180 you get RedHat WS which will be supported for at most 18 months then you get to pay again or run with no security updates, yeah. I just retired an NT4 server that's been running and supported for over 8 years. Of course you could go the open source way and maybe get 12 months of security patches before upgrading again, and again and again.

Yes MS has had it's share of problems. If the planet ran linux instead of Windows you would see a much bigger problem. Like an earlier post, I'm glad MS is attempting to make things better.

Hey wait did I actually support Microsoft, oh my. Don't tell anyone...

Webmaster

RussS wrote:

I don't think that Johan is suggesting anything - except for the one obvious fact ... Windows OS and other Microsoft products are constantly attacked and exploits are readily found and reported - Mostly because Microsoft is the big boy on the block and people want to do anything to bring them down to the lowest common denominator.

Exactly. But to try and answer your question: honestly, I think the suggestion alone is an insult to some hard working techies at MS. MS is not a single evil entity, mostly just paid-by-the-hour techies like you and me, of who I'm sure they work to the best of their ability and do not create faulty products on purpose. I'm not saying it couldn't happen, but if it would happen, it wouldn't be 'Microsoft', or all the thousands of people working for them, but one or more rotten apples who are to blame. I'd say it is as unlikely as Mercedes building faulty cars just so they can sell replacement parts after an accident.

It reminds me a bit of the Automatic Updates conspiracy (people thinking that it would send sensitive private information to MS), which, just like your insinuation, would bury MS, if there would be any truth in it.

And as for greed, it is what drives most competitors who use anti-MS cliches as their main marketing strategy. They all want a piece of the pie.

*I didn't mean for this to come across as an annoyed response to your post, it most certainly wasn't.

I certainly hope not, because one of the reasons I joined this discussion is that I was hoping to change 'your' mind, as I sincerely think having such a biased and negative opinion about MS is an obstacle in any IT career.

Drakonblayde

I'll be the first to admit that my problems with Microsoft are based on past experiences. I'll also be the first to admit that MS has come a long way since the days of Win9x and NT4. The major problems I have with MS is the fact that their pricing is insane and they are a very high profile target. That means flaws in Windows are going to be exposed a whole lot quicker than most other OS'es.

How many security flaws in the past year alone has IE had? I don't like the fact that such a big black hole is built directly into the operating system and I can't get rid of it. I'm also *extremely* annoyed at them refusing to backport some of the improvements to IE to Windows2000. I see that as a blatant move to coerce customers into upgrading. My file server is still running 2k server because I won't touch 2k3 until the first service pack (personal rule, I never ever touch a Microsoft OS until at least one service pack is out).

Really it depends on what kind of situation I'm in. I would never deploy *x workstations for users unfamiliar with Unix. But I also wouldn't deploy windows boxes for users who had no clue how to actually use a computer... I'd use a mac. Unfortunately, PC hardware being as cheap as it is, your choices for deployment are pretty much limited to a unix variant or microsoft, and in the ease of use category, microsoft wins out.

But it's up to each individual user to determine what platform they want to use. They all have positives and negatives, and unfortunately, IMHO, you can't just dismiss the negatives surrounding MS as a case of bad PR.

I certainly hope not, because one of the reasons I joined this discussion is that I was hoping to change 'your' mind, as I sincerely think having such a biased and negative opinion about MS is an obstacle in any IT career.

You're definetly right about that, which is why I took (and take) the time to learn about Microsoft implementations. Most folks aren't going to find a pure mac or pure *x shop, so if you want to advance (or hell, even break in) you've got to be square with using MS products. As much as I hate to admit it, I'm much better at installation, configuration, and troubleshooting on windows platforms than I am on any other.

RussS

Drakonblayde wrote:

But I also wouldn't deploy windows boxes for users who had no clue how to actually use a computer... I'd use a mac.

You aren't insinuating that Macs are for dummies are you?

Mr. Vincent

No response from me.
New member checking this place out.

Drakonblayde

Not dummies, merely inexperienced. Unfortunately, inexperienced computer users aren't usually motivated to learn anymore than they have to. Macs have the easiest learning curve of anything currently out there (except maybe specialized internet appliances, but don't even get me started on those).

I really like Macs, gained a good bit of respect for them back in the MacOS 7.6 days when I had to learn them in order to support them. Macs are *easy*. Easy to use, easy to support, and implementing a solution that takes the headache away from everday computer use is what I'd call an intelligent move

I want a Mac, and with the unveiling of the Mini Mac, I'm seriously considering picking one up. What I *want* is a Powerbook, but price tags... ugh...

/usr

Well, I think you have the wrong idea of what I think.

I don't think MS is an evil corporation and that we should boycott their products. They DO make decent software that can be secured (I never have problems on my Windows machines, ever.) I am just not a fan of various things Microsoft has done in the past.


I'm not a huge Linux advocate either. My knowledge of Linux is quite minimal , so I couldn't really recommend it over Windows as a "better" OS.


All of this is directed as much (if not more) at the end user. It's amazing just how little you need to know to operate a computer well enough to screw it up. Furthermore, it's amazing how little people are willing to learn about something they use every day.

/usr

Guess I was a bit hasty in my posting.

I downloaded the beta and it seems like a pretty good tool. There are a lot of built in information utilities that could be pretty useful, especially the process viewer.

I'm hoping this tool stays free when the beta is over and gets updated regularly.



I'm still not admitting that I'm wrong about MS though.

Webmaster

Drakonblayde wrote:

the major problems I have with MS is the fact that their pricing is insane.

I agree their prices are, for several products, insane. The least fun part of being an MS Exchange consultant was informing the customers that they needed a Windows Server license, an Exchange server license, a Windows Client Access License (CAL) for each user, an Exchange CAL for each mailbox, and a Windows client license and an Outlook client license for each client computer, not to mention the seperate licenses for additional X.400 connectors. But then again, lotus, oracle, Cisco IOS licenses...

How many security flaws in the past year alone has IE had? I don't like the fact that such a big black hole is built directly into the operating system and I can't get rid of it.

www.microsoft.com/technet/security/current.aspx
Dozens, and I'm sure that is much more than any browser out there, although not all are IE 6 specific (which isn't a good thing either). 90% of our visitors use Internet Explorer... I don't know how the number of securit flaws relates to another product, but basically there is nothing to compare it with. Someone with the skills to find an exploit in a browser, would more likely try to get on the acknowledgements section in the vulnerability details at the link above, than helping out MS by proving that FFOX has holes as well. Regardless, IE 6 is obviously not a big success when it comes to exploits, and just because FFOX or some other less popular browser is not a high profile target, one might be safer using that one. From that perspective it would be better if there were 20 different browsers.

However, most of these vulnerabilites are very difficult to exploit and often only under very specific circumstances. In most cases it requires excellent programming skills and more importantly, user interaction. Running IE on your computer doesn't open any listening ports on your computer, it's still a client, not a server, the 'holes' are not opened from the outside. So basically to exploit IE, the victim would have to open a website (or attachement) with the malicious code in IE, or the attacker must have access to the computer already (logon interactively, then use IE exploits to perform task a regular user wouldn't have permissions for). Before the code becomes widely available to the public and script kiddies, MS usually has a patch or workaround already available. This hasn't always been the case, but nowadays you can expect them to start working on the solution as soon as they find out about the problem (even if it was to prove others wrong). I'm not saying this to make it sound any worse than it is, and some holes are easier to exploit than others. But it isn't as insecure as some people/competitors want to (make us) believe. And staying away from illegal download sites and the alike reduces the risk a lot.

But it's up to each individual user to determine what platform they want to use. They all have positives and negatives, and unfortunately, IMHO, you can't just dismiss the negatives surrounding MS as a case of bad PR.

Certainly not all, but a lot of it is blown out of proportions by competitors and *nix die-hards eagerly waiting to kick at MS. I never claimed they are great when it comes to security though, I'm just saying that anything else than MS isn't better than MS just because it isn't MS and supposedly more secure or stable than MS, and that they are not creating the vulnerabilities on purpose. (and I don't know if it is the competence of the hacker or the incompetence of the developers at MS either. )

/usr wrote:

Well, I think you have the wrong idea of what I think.

Your posts in this thread and your reply "If I want to keep something even remotely secure, I wouldn't use anything produced by Microsoft. Call me biased..." in the password storage topic seem to suggest at least that you have a rather negative and biased opinion when it comes to MS.

MS is notorious for letting known problems go unpatched, releasing extremely buggy software, and basically ignoring security all together.

is basically wrong about MS, and I am surprised that you are not convinced after the replies in this thread from several people who have worked with many different MS products as well as other products.

As we discussed before, I'm not saying you 'need MS certs' for your sec career, but my guess is that you are a bit hasty with your conclusions about MS in general as well. If some of your comments about MS in this thread and others reflect how you think about MS or MS products, please take it as well-meant advice:

I wrote:

having such a biased and negative opinion about MS is an obstacle in any IT career.

Regardless, I've stood up enough for MS for the rest of 2005, so unless MS starts paying me, or someone mentions Mac...

Drakonblayde wrote:

Unfortunately, inexperienced computer users aren't usually motivated to learn anymore than they have to. Macs have the easiest learning curve of anything currently out there (except maybe specialized internet appliances, but don't even get me started on those).

I really like Macs, gained a good bit of respect for them back in the MacOS 7.6 days when I had to learn them in order to support them. Macs are *easy*. Easy to use, easy to support, and implementing a solution that takes the headache away from everday computer use is what I'd call an intelligent move

CNN mentioned yesterday that i-Mac sales grows twice as much as general PC sales, indirectly because of the success of i-Pod. Personally I wouldn't trade my PC for a Mac, but I would like to try out one of those books. If Mac keeps this up we might have to start the Mac certs forum after all.

/usr

would more likely try to get on the acknowledgements section in the vulnerability details at the link above, than helping out MS by proving that FFOX has holes as well.

Firefox and Linux are also open source products. Anyone who wants to can look at the source code, making it much easier to find vulnerabilities. When you have the input of an entire community, you're just as likely to find vulnerabilities. Logically consider how many people are staring and Linux source code each day. Do you think these people aren't as experienced as MS programmers? Do you think they would fail to report a bug in the OS?

Sure, you still may find just as many holes in open source products, but they seem to get taken care of much faster.

Sure, Microsoft is more widely used, but you can't use that as the primary argument as to why so many holes are found in MS products, yet it seems that's what everyone falls back on.

Webmaster

I'm not implying FFOX is better or more secure than IE or vice versa. I named FFOX merely as an example based on their share in the browser market, pointing out that a typical hacker wants to get as much exposure as possible. Finding a bug in FFOX would do good for a resume but being able to exploit the most widely used browser from the redmond giant is a small The New Repubic type of scandal each time.

/usr wrote:

Firefox and Linux are also open source products. Anyone who wants to can look at the source code, making it much easier to find vulnerabilities. When you have the input of an entire community, you're just as likely to find vulnerabilities. Logically consider how many people are staring and Linux source code each day. Do you think these people aren't as experienced as MS programmers? Do you think they would fail to report a bug in the OS?

I'm not suggesting or denying any of those things, (nor the things in the reply you deleted...). I have two webservers running Linux and frequently receive reports of Linux bugs. That's exactly what several people in this thread including me have tried to point out, they all have bugs or holes. The fact that they're the most widely used is a very valid argument why there are so many actually found, not an excuse for having them in the first place. Again, I'm not saying one is 'better' than the other (which depends on a lot of different things in addition to how it is build or whether it's open source or not), I'm sure there are plenty of products more secure than similar MS products, and people should try out alternatives. I'm just saying, again, that MS ignoring security all together or leaving holes in software to profit it from it later is not a reason why there are so many holes found, and if all MS customers would change to a different product we still could be having this same discussion using 'RH' (for example) instead of 'MS', and that you cannot blame MS for the majority of spyware. Fortunately for people with your ambitions, there will always be plenty of holes to fix, regardless of who created the software.

As for that reply you deleted: I suggest you do read the rest of my post, especially the part that was directed to you. I'm sorry to see you're taking this discussion the wrong way and seem to be missing my point.