Microsoft plans to release a test version of a new Internet Explorer (IE) browser by the summer that better protects users from scams and malicious code while surfing the Web.
Additionally, responding to a surge over the past year in online scams involving spyware, Microsoft has decided not to charge for its antispyware product, Chairman and Chief Software Architect Bill Gates said in a keynote address at the RSA Conference 2005 in San Francisco.
"We have looked hard at the nature of this problem and have made the decision that this antispyware product will be available at no additional cost to Windows users," Gates said. "I am very excited that we have this technology and it really addresses a burning need for our users."
Microsoft bought antispyware software maker Giant Company Software in December and released a beta of Windows AntiSpyware in January. Until Tuesday's announcement the company had not said whether it would sell the product or give it away. Other companies, including traditional antivirus vendors, offer antispyware products.
In addition to its free consumer product, Microsoft will offer a for-pay antispyware product for corporate users that will support enterprise needs for management and deployment, said Amy Roberts, a director in Microsoft's Security Business and Technology Unit. Roberts could not say when the enterprise antispyware product will be available.
A second beta version of the consumer Windows AntiSpyware product is scheduled to be available in the first half of this year, Roberts said in an interview after Gates' keynote.
With the increasing phishing threats and perhaps competitive pressure, Microsoft has changed its plans for IE. Previously the company's plans called for a new version of the ubiquitous browser to be included in the next version of Windows, code-named Longhorn, due in 2006.
"We have decided to do a new version of Internet Explorer," Gates said. The new IE 7 will "add new levels of security," he said. A first beta is due in mid-2005.
While scant on details for IE 7, Gates said the security enhancements will protect customers against phishing and other malware. The features will also be included in the version of IE for Longhorn. IE 7 will be for users of Windows XP with Service Pack 2. Roberts could not say when the final version of IE 7 would be available.
IE is part of Windows and is used by most Web users, but it has a bad security reputation. Other browsers such as Firefox, Netscape and Deepnet Explorer are exploiting that reputation to steal market share. America Online Inc. later this week plans to release the first public test version of a new Netscape browser that offers phishing protection.
Phishing scams are a prevalent type of online attack in which spammers send e-mail messages to dupe recipients into visiting fraudulent Web pages that look like legitimate e-commerce sites to steal sensitive information such as user names, passwords and credit card numbers.
In his keynote at the opening of the annual security conference, Gates also updated attendees on Microsoft's efforts to build a single Web site for patches for Microsoft products. A test version of the delayed patching service, dubbed Microsoft Update, is slated to be available next month, Gates said.
Microsoft Update will support Windows XP, Windows 2000, Windows Server 2003, Office 2003, Exchange Server 2003 and SQL Server, according to Roberts. A final version of the update service is due in the first half of this year, at around the same time the company plans to release Windows Update Services (WUS), she said. WUS is a free Windows Server add-on for businesses that allows users to download and deploy patches.
On the issue of antivirus protection, Gates reiterated his company's intention to buy Sybari Software Inc. and to add its antivirus engine to Sybari's server antivirus product. Gates also said that a consumer antivirus product would be available from Microsoft by the end of 2005. This will be a paid product or service, Roberts said.
Microsoft's decision to give away the antispyware products makes sense, but spells trouble for third party spyware companies, said Pete Lindstrom, research director at Spire Security LLC.
"Spyware is a huge consumer issue and it's becoming a bigger enterprise issue, but it's a desktop issue, so it makes sense for Microsoft to (give away antispyware)," Lindstrom said. However, vendors such as WebRoot Software Inc. will have to find a way to differentiate. "They're not going to be able to compete on cost," he said.
At least one attendee found Gates both more engaging and more humble than last year, when Microsoft's founder declared an intention to end spam within a year -- a goal he acknowledged was not met in this year's speech.
"Instead of making promises I didn't believe (Gates) could keep, he was demonstrating substantial improvement in many areas that are important, like internal development processes," said Bruce Schneier, founder and chief technology officer of Counterpane Internet Security Inc.
Also on Tuesday at the RSA Conference Microsoft announced that the Enterprise Edition of its Internet Security and Acceleration Server 2004 firewall and caching product should be available this March. The product was originally due by the end of last year.