Microsoft's decision to package its upcoming Windows 8 operating system with built-in anti-virus software is sending shockwaves through the computer-security industry.
Scheduled for a 2012 release, Windows 8 will come bundled with Microsoft Security Essentials (MSE), a software package that protects systems from malware, spyware and Trojans and includes a firewall and parental controls.
The software giant announced the news yesterday (Sept. 13), the same day Microsoft released a Windows 8 preview to developers.
MSE, which is currently free but must be installed separately, will add a feature in Windows 8 that blocks attempts to boot the PC from an infected USB drive, a proven and dangerous method of attack.
Ups and downs
The decision to bundle Windows 8 with anti-virus protection is "a case of good news and bad news," according to Graham Cluley from the computer-security firm Sophos.
"Anything which encourages Joe User to run up-to-date anti-virus software has to be a positive thing," Cluley wrote.
On the other side of the coin, however, Cluley said the inclusion of MSE in Windows 8 could lead customers to assume they are fully protected.
Once Windows 8 is released, Cluley said online attackers are likely to create new malware designed specifically to "slip past Microsoft's scanner."
Adrian Kingsley-Hughes from ZDNet echoed Cluley, writing, "One possible downside of including a single anti-virus package in with millions of Windows installations is that it could create a security monoculture where the majority of systems are protected by a single application. Attack that one application, and it could be jackpot for the bad guys."
Unfair playing field?
Of course, the major anti-virus companies may file complaints with legal authorities, as Panda and Trend Micro did last year when Microsoft bundled MSE as an optional installation in Microsoft Update, claiming that Microsoft was infringing on competitive practices.
Yet Cluley couldn’t fault Microsoft for taking this approach.
"It's bad news for those security vendors who rely heavily on consumer sales of their software," he wrote, then added, "Frankly, it's their own fault."
Most likely referring to McAfee and Norton Symantec, Cluley said, "The two big security hippopotamuses have had years of opportunity to gobble up the end-user market, and yet still millions of home users were infected by malware, spyware and pop-ups each year."