| Windows Live On...'s profileWindows Live OneCare Tea...BlogLists |  Tools  Help |
|
23 October Get Your OneCare Green!We are getting the word out that Microsoft has released a security update to help protect Windows PCs against a recently identified security risk (Microsoft Security Bulletin MS08-067). If your OneCare status is Good (green) then Windows Live OneCare is helping to protect your computer against this threat by automatically applying the latest security patches and virus signature updates. If your OneCare status is At Risk (red or yellow) then your computer is potentially vulnerable. Please follow the OneCare Actions items to help protect your computer. To verify that you have all the latest Windows security updates, launch Internet Explorer, then click on Tools --> Windows Update. For more information on this latest security update, check out the Microsoft Threat Research and Response blog.
15 October Understanding Test Results for Security SolutionsWhen security suite tests are conducted in a methodical and comprehensive way, the results can provide a relatively accurate picture of the ability of a security suite to protect the PC’s within the average household. However, when testing is done on a specific feature within a security suite, without consideration of the role that feature plays in the broader solutions environment, the results can be misleading and confusing to average consumers who rely on the information to remain protected and secure against threats. Such is the case with the recent exploits targeting vulnerabilities test conducted by the security firm Secunia. In this test, Secunia evaluated the ability of twelve different Internet Security Suites to determine what level of protection they offer against 300 exploits targeting vulnerabilities in various high-end, high-profile programs. Vendors whose software was tested include McAfee, Symantec, Kaspersky and Microsoft Windows Live OneCare, among others. Each product was tested against a mix of exploits, including Proof of Concept, GameOver Proof of Concept, and Exploits. At first glance, it would seem that this test would be very helpful to consumers to determine the best security suite in the specific scenario – although none of the suites did particularly well in this specific situation. However, Secunia's test focused only on the on-demand scanner functionality and did not take into account any of the other built-in security protections in Windows Live OneCare or other suites included in the test. Moreover, Secunia's test explicitly focused on machines that were unpatched with some of the latest updates, both to the Windows operating system and to applications on the machines. The on-demand scanner functionality in Windows Live OneCare is a useful tool, but it is only one piece of the overall solution. To be fully effective, it must work in conjunction with other functionality in the suite including, but not limited to, the real-time anti-malware detection engine, the firewall, and automatic update engines like Windows Update and Microsoft Update that provide the latest patches for the OS and the applications on ever evolving threats. Windows Live OneCare is tested by numerous organizations around the world and has been certified for anti-virus protection by two of the industry’s leading independent certification authorities: International Computer Security Association Labs (ICSA) and West Coast Labs. In addition, Windows Live OneCare, along with Microsoft Forefront Client Security, has continually successfully received VB100 awards since June 2007. This unblemished track record shows the dedication and effectiveness of both of these products that use the same engine. These labs are widely recognized as authorities within the industry for research, intelligence, and certification of anti-malware products. Both ICSA and West Coast Labs employ testing methodologies that reflect malware threats that are “out in the wild.” The WildList Organization compiles virus reports from anti-virus experts around the world on a monthly basis to track against viruses currently spreading throughout the user population. Microsoft prioritizes these wild list tests as some of the most important measures of OneCare’s performance against real world threats, and not just simulated malware that may or may not cause real harm. Furthermore, to achieve the VB100 award, Windows Live OneCare was also deemed to be able to accurately detect the complete set of the “in the wild” malware without triggering any false positives. We point this out because Microsoft is committed to keeping PC users safe, secure, and protected in a connected world. We encourage our customers to look at all security suite tests with a critical eye – especially if they focus on only one piece of the solution. Criminals out in CyberspaceAs this is a blog about OneCare for those interested in OneCare, we will refrain from discussing our viewpoints on the current global economic crisis. However, in light of such uncertainty, we would be re-missed if we did not acknowledge that in a very fundamental way, everyone’s sense of “security” (as defined as freedom from risk, danger, worries, etc.) is being challenged on a day-to-day basis. For the OneCare team, we focus on a relatively narrow area of “security” – as in how to keep Windows PC users safer, more secure, and more protected in a connected world – using technology services as the means.
In the midst of all this global turmoil, cyber criminals are still preying on the public with even more vigor, using ever more nefarious ways to trick unsuspecting people into providing their personal information or stealing passwords for financial gain. At Microsoft, we have made significant investments in hiring world-class researchers to figure out how we can stay on top of cyber criminals, and working on using technology to track them down and protect users out there.
Recently, there has been a particularly nasty scam that I wanted call to your attention – one that is impacting many unsuspecting people. It masks itself as a Windows messenger dialog box that warns you that you have spyware detected on your computer and presents an action that supposedly will help you clean up your machine. However, it is tricking people into downloading additional spyware that actually steal the passwords from the machine. This scam is vicious because it turns a well-intentioned action of getting safer into an action that increases risks and compromises the security of personal information. Even more disturbing is that it constantly changes form, making it even more difficult to educate users to be on the lookout for a particular message/dialog box. For the detailed description of how this malware perpetuates itself and infects machines, check out the Malware Protection Center blog.
So, if you or your friends and family come across these types of notifications about getting spyware or cleaning it with free AV – don’t click on it! To combat these threats, Microsoft is constantly pushing out virus definitions and technology to clean and protect users from this malware, and we’ve also engaged the legal system to file lawsuits against the possible entities that are perpetuating and developing these scams. At a minimum, if you believe your machine is affected by viruses, spyware and or any other forms of malicious software, we recommend you run our freely available online scanner at http://safety.live.com.
Lastly, for on-going protection, we have to encourage everyone to stay protected with an antivirus and security service from a reputable company. OneCare is a great choice (of course we’ll say that!), but if not our service, get one from a trusted company.
Until next time, be well –
Gina
02 October It's Been Awhile...It’s been a while since we updated you on what’s been happening with OneCare, but rest assured, it’s because we’ve been busy working on servicing our customers and developing new features and enhancements for the future. Going forward, we will be using this blog to give more regular updates on what’s going on, and to really drill deep into some specific features and experiences with the OneCare service. As much as we can, if it’s related to OneCare, you’ll find about it here first! Since the last entry, we wanted to highlight that there is now a version of OneCare that works with the Small Business Server 2008 offering– based on the Windows 2008 Server architecture. Yes, we’ve heard from many small business owners that OneCare really helps to simplify the protection and maintenance of their PCs, but they wanted coverage for their servers AND desktop computers under one subscription. To that end, we worked with the Small Business Server team to come up with an option to provide out-of-the-box protection for the server, and give small business owners the flexibility to continue that coverage for the server or all the PCs in their environment. To learn more about that service, check out this link to OneCare for Server: In the future, you’ll see us continually innovate with new enhancements on the core service, but also along with different offers that match the needs of our home and small business customers. As a reminder, there are a variety of ways to get support for OneCare: If you run into any problems or issues using OneCare, this is the best place to start. In addition to seeing the most common troubleshooting information, you have access to contact the OneCare support team. A very active and extremely well-informed set of users that post questions and answers on OneCare - great for the technically inclined and self-helpers Until next time, be well – Gina |
|
|
