Microsoft’s spyware strategy
Spyware is one of the most vexing challenges to face computer users today. Industry analysts, partners, government leaders, and consumer advocacy groups all identify spyware as a serious problem that threatens to undermine public trust in computing.
As Microsoft and its manufacturing and internet service provider (ISP) partners receive ever more support calls related to spyware, Microsoft continually renews its commitment to deliver a powerful response to the threat.
Defining spyware
The term spyware (and other unwanted software) refers to a wide range of programs designed to take partial control of a computer without the consent of the owner or a legitimate user. Spyware uses this control to generate unsolicited pop-up advertising on a computer, track Web-browsing habits for marketing purposes, or change the configuration of a computer.
Effects of spyware
Spyware can be a minor annoyance, or it can have a serious impact on computer performance, security, and privacy. Common symptoms of spyware infestation include:
•
Advertisements pop up, even when you are not browsing the Web.
•
Settings change unexpectedly and are difficult to restore. For example, your browser home page or default search engine might change without your consent.
•
New, unwanted toolbars appear in the browser and are difficult to remove.
•
Performance suddenly and dramatically slows down.
•
Operating systems, Web browsers, and common applications crash more often.
Less common but potentially more harmful forms of spyware can also:
•
Record keystrokes, which allows the spyware to capture passwords and login information.
•
Collect personal information, such identification numbers, social security numbers (in the United States) or bank information, and send the information to a third party.
•
Take remote control of a computer to gain access to files, install or modify software, use the computer to help spread viruses, and more.
All forms of spyware are alike in this respect: they are installed without the user's consent and without the user's knowledge of what they will do.
Answering the spyware challenge
Microsoft is focused on helping to solve the problems caused by spyware and other unwanted software.
As the platform of choice for millions of customers and developers worldwide, the Microsoft Windows operating system provides a foundation for new growth and opportunity. Microsoft's vision rests on providing an open and extensible platform, and powerful core components and open application programming interfaces (APIs) that offer exceptional power and flexibility for software development, innovation, and learning.
The popularity of the Windows platform makes it especially attractive to hackers, criminals, and others who seek to exploit its capabilities and widespread use. The challenge for Microsoft and other responsible technology providers is to take advantage of the platform's power and extensibility, while helping customers protect the integrity of their data and configurations.
Microsoft's goal is to help customers make informed decisions about the software that installs and runs on their computers. The company uses four primary approaches to meet this commitment. Microsoft:
•
Provides technology.
•
Provides consumer education.
•
Works with the software industry.
•
Works with legislators and law enforcement.
Providing technology
Microsoft's vision includes a commitment to providing technology that helps detect and remove spyware, helps improve Internet browsing safety, and includes timely updates that address the latest spyware threats.
Detecting and removing spyware
Microsoft acquired the Windows Defender security technology from GIANT Company Software, Inc. in December 2004. Windows Defender technology can help customers identify and then disable or remove known spyware and other potentially unwanted software from their computers. The software also provides optional regular spyware scans that customers can choose to be run automatically.
Windows XP Service Pack 2 (SP2) also helps provide protection against some of the most common ways that Web sites and programs install spyware on computers. The Pop-up Blocker in Internet Explorer helps prevent installation from pop-up ads, and the Internet Explorer Information Bar helps suppress unsolicited downloads. In addition, with the Internet Explorer Add-on Manager, advanced users and support professionals can see all installed and running Internet Explorer browser add-ons. This enables them to easily remove add-ons that were installed without their consent.
Improving Internet browsing safety
Windows Defender provides a continuous safeguard by monitoring computer software and looking for changes that are characteristic of malicious Web sites or programs. If Windows Defender detects these changes during an installation process, it alerts the user and asks whether to permit the installation.
Windows Defender uses three tools to monitor software behavior:
•
Internet agents. These agents help protect against spyware that makes unauthorized connections to the Internet or that changes a computer's Internet access settings (including dial-up or wireless settings).
•
System agents. These agents help protect against spyware that makes unauthorized changes to the computer's settings (including security permissions, password settings, and other critical system settings).
•
Application agents. These agents help protect against spyware that makes changes to applications (such as modifying Internet Explorer by adding unwanted toolbars, automatically downloading Internet Explorer add-ons from the Internet, or starting potentially unwanted programs when the computer is turned on).
Updating against the latest threats
As new instances of spyware appear and spread, Microsoft updates Windows Defender to help you protect yourself against the latest spyware threats. You can choose to have Windows Defender automatically download and install new updates, or you can choose to update the software manually. If AutoUpdater is not turned on, a yellow indicator appears in the Windows notification area to alert you when updates are available. You can click the Check for Updates button to download software enhancements and spyware definition updates.
Microsoft spyware team. Researchers at Microsoft work to discover new spyware and other potentially unwanted software, then create and release updates to help detect it.
Windows Defender customers. A network of Windows Defender users also help define which suspicious programs are classified as spyware. Any Windows Defender user can join this network and help report potential spyware to Microsoft. Those who participate in the global network help the Microsoft spyware team discover and respond to new threats quickly so that everyone gets better protection.
Top of pageTop of page
Providing consumer education
Microsoft provides up-to-date information from trusted resources on how to avoid and remove spyware. This helps customers learn what to look out for before they are tricked into downloading spyware by deceptive advertisements, alerts, or sites that bundle spyware with "free" programs. The Microsoft Web site also provides public newsgroups on spyware topics. These newsgroups are monitored by security-focused Microsoft Most Valuable Professionals (MVPs) who assist the online community through forums and discussions of spyware-related issues.
Working with the software industry
Until now, individual industry leaders have used a variety of approaches to address the problem of spyware. This lack of cohesion has limited everyone's ability to make a broad, coordinated impact on the problem. Now Microsoft and other industry leaders work together to share best practices and create common ways to identify and address spyware issues. This cooperative effort has resulted in the creation of common understandings of unwanted software, and industry-standard spyware definitions.
Microsoft is also actively engaged with other industry groups—such as the Center for Democracy & Technology and its Consumer Software Working Group—to help focus regulatory and enforcement efforts on truly deceptive spyware practices. Additionally, Microsoft works with top manufacturing and ISP partners to share best practices that help identify new instances of spyware.
Industrywide best practices provide an incentive for legitimate software publishers to distinguish themselves from less scrupulous publishers. This helps them minimize the risk of being classified with those who engage in unwanted behavior.
Working with legislators and law enforcement
Few laws apply to the development or distribution of spyware. This limits the ability of law enforcement agencies to identify and pursue spyware-related activity. Microsoft works with the appropriate government leaders and law enforcement agencies to help ensure that perpetrators of spyware are forced to cease illegal practices. Microsoft cooperates with law enforcement and regulatory agencies to assist them in their effort to enforce existing laws. (Examples include the PC Fraud and Abuse Act in the United States and similar international consumer protection laws). Consistent enforcement could put the most insidious violators out of business, which would help dramatically reduce the amount and type of spyware produced and distributed.
Microsoft also works with legislators on technologies as needed for those practices not already considered illegal under existing laws. It is important to note that Microsoft believes that any legislation should be carefully crafted to avoid unnecessary regulation on legitimate programs that enhance a computer user's experience.
Vision for the future
The threat of spyware and other unwanted software, like all security threats, is unlikely to be eradicated. Hackers, criminals, and others with malicious intent will always attempt to exploit computers and computer networks for vandalism or profit. Nevertheless, Microsoft is deeply committed to continue its intensive efforts to counteract security threats.
Microsoft is committed to help preserve the right to privacy, and fully supports a person's right to be left alone. Customers must be free to have access to any of their personal information and to control how it is used. They must be able to trust that their personal information is only used appropriately and with their consent. Microsoft regards the protection of customer information as a vital element of trust, and it regards customer trust as vital to the success of its business.
What customers can do
Microsoft invites customers to evaluate Windows Defender.
Microsoft also strongly recommends that customers:
•
Use an Internet firewall on all computers.
•
Use up-to-date antivirus software.
•
Update all computers with the latest security updates, available at Microsoft Update.
Additionally, Windows XP users should install Windows XP SP2, which includes advanced security technologies to help users protect themselves against viruses, hackers, and worms.
