Microsoft Entering Antivirus Market

Company may use assets of takeover target assets improve Windows

Microsoft Corp. says it intends to acquire the intellectual property and technology assets of GeCAD Software Srl., a Bucharest, Romania-based antivirus technology provider.

Microsoft will eliminate all of GeCAD’s current products and use the company’s expertise to improve Windows and provide better support for third-party antivirus vendors. “Customers told us they needed a safer, more trustworthy computing experience to help combat the threats posed by those who write viruses and malicious code,” says Mike Nash, a vice president in Microsoft’s Security Business Unit. “This acquisition will help us and our partner antivirus providers further mitigate risks from these threats.” The company also plans to unveil a PC antivirus product with fee-based signature updates.

The move—though not the exact company—was no surprise to analysts. “It was just sort of a matter of when,” says Jan Sundgren, an industry analyst with Forrester Research in Cambridge, Mass. Though few IT managers may have heard of GeCAD, its products secure such things as Microsoft Exchange and Linux. Its scanning engine performed extremely well in a recent test.

“[Microsoft is] pretty vague about how they’re going to package this technology,” Sundgren notes. Probable first moves include improving the PC operating system (OS), the server OS, or launching a standalone antivirus product.

“The really interesting stuff for customers probably won’t come out for a while,” says Sundgren. “If they do something in the OS, it will probably be for Longhorn—probably—for late 2005.” Longhorn is the code name of the next version of Windows.

The potential upside to Microsoft integrating antivirus features into its products: better integration with intrusion detection and firewalls, and less application conflict.

Microsoft, however, will face everything from opposition to suspicion. Viruses, for example, often work because of OS vulnerabilities, for which many users hold Microsoft liable. Sundgren says a Microsoft antivirus product could create a “conflict of interest, because the pressure to secure the OS is going to be a little eased by the fact that they’re selling this software to deal with the problem.” To overcome that perception, the company will have to convince people of its sincerity “to secure the overall system.”

About the Author

Mathew Schwartz is a Contributing Editor for Enterprise Systems and is its Security Strategies column, as well as being a long-time contributor to the company's print publications. Mr. Schwartz is also a security and technology freelance writer.