Windows 8's built-in AV to be security of last resort
Integrated Windows Defender will activate only on PCs sans antivirus software or after other products have expired
Computerworld - Microsoft's Windows 8 will activate its built-in antivirus (AV) software only if it senses that the PC is not protected by another security program, according to AV vendor McAfee.
The new operating system, which last week reached its final public milestone, includes security software, dubbed "Windows Defender," that combines characteristics of both that anti-spyware program of the same name and the free Security Essentials, the antivirus program that until now has been offered as a separate download.
Microsoft first announced Windows Defender last September, and included it with that year's Windows 8 Developer Preview, and this year's Consumer Preview and Release Preview. In all three sneak peeks, Defender was switched on, and served as the operating system's default protection against malware.
But that's not how it will work when new Windows 8 PCs debut later this year.
According to Gary Davis, director of global consumer product marketing for McAfee, Microsoft has given third-party vendors and computer makers first crack at protecting PCs.
Computer makers, known as OEMs (original equipment manufacturers), typically include trial versions of major antivirus programs with their PCs. Those trials offer malware signature updates for limited periods, sometimes as short as 30 days. When the trial expires, PC owners are encouraged to upgrade to the full paying edition, which usually offer signatures for a year at prices ranging from $40 to $90.
Windows 8 cedes the AV role to those pre-installed trials, said Davis, and will not activate Windows Defender if it detects an active antivirus program that's receiving signature updates.
"Looking at the way they're doing things in Windows 8, Microsoft is going to great lengths to let AV vendors keep customers," said Davis in an interview last week.
But Microsoft didn't take the tact to please security companies.
"It is our understanding that this was mostly because of pressures from the OEM community," Davis said in an email replay to follow-up questions. "A large portion of their profits on PCs come from revenue associated with AV."
Computer makers do reap revenue from the pre-installed software, including antivirus tools, that they bundle with their PCs. In the case of AV software, OEMs receive a portion of the money paid to security vendors by customers who upgrade from the trial versions to the full editions.
That practice relies on loading the PC with a range of third-party applications -- not just AV products -- that critics scorn as "crapware" or "bloatware."
Windows 8 will activate Windows Defender automatically only if there is no other antivirus software on the computer, said Davis.
And even when the OS detects that existing AV software hasn't been updated recently, it will only offer Windows Defender as one of several choices.
When the PC stops receiving AV signature updates -- most likely because the trial version has expired -- Windows 8 begins a 15-day countdown. During those 15 days, the Action Center, a desktop component that consolidates important system notifications, will warn the user that the AV software is expired, with information about how to renew coverage.
After the 15 days, the warning will expand the options offered users.
"At the end of 15 days the user has the option to renew what they have, activate Windows Defender, select another option from the Microsoft Store or click on a 'remind me later' button, which starts a seven-day notice period," said Davis.
The Microsoft Store is the name of the company's online market, where it sells its own Windows software, including operating system upgrades, as well as some third-party programs. It's not to be confused with the Windows Store, the e-mart accessible only from Windows 8 that is the sole distribution channel for Metro-style apps for that OS and Windows RT.
- Perspective: Microsoft risks security reputation ruin by retiring XP
- Microsoft plans to patch critical under-attack IE bug next week
- Microsoft reaches RTM milestone for Windows 8.1 update
- OS upgrades: Cheap is better than pricey, free is better than cheap
- No special treatment for China on XP, patches end April 8 in the PRC, too
- Microsoft ships Office 2013 SP1 the old-fashioned way
- Microsoft's 'go-low' play puts Windows revenue on the line
- Steven J. Vaughan-Nichols: Windows 7 lives!
- Users mock Microsoft for asking their help on XP-to-Windows 8.1 upgrades
- Microsoft concedes Windows 8.1 needs more for mouse, keyboard customers
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts