Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Microsoft war against rootkits

Microsoft war against rootkits

by Nikola Strahija on July 20th, 2005 Detection of remote system monitoring tools known as "rootkits" is giving Microsoft, like every other security vendor, headache. Thus MS is planning to expand its AntySpyware.


The trouble is that rootkits have begun to pop up in combination with spyware, Trojan horses and other types of attacks. Rootkits have been around for years, but in the past few months attackers have begun using them to make spyware and worm infections nearly impossible to detect and remove. Because rootkits modify the operating system kernel, they are able to disguise signs that would ordinarily indicate the presence of malicious code.

Microsoft's Malicious Software Removal Tool got rootkit-detection features in April, and AntiSpyware may be next, according to a report from industry journal eWeek. Microsoft declined to comment on the report.

AntiSpyware, still in beta-test stage, has a large infamous aura. Earlier this year Microsoft admitted it had mistakenly listed a Dutch MSN competitor as a source of malicious code, disabling users from setting the site as their homepage. Earlier this month, the company faced strong criticism for its decision to change the status of software from Claria (formerly Gator) and several other software makers, no longer advising users to remove the components.

Windows is particularly vulnerable to rootkits because it is so widely used, and because its application programming interface (API) makes it easy to mask behaviours on a system.


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »