Windows Defender, previously known as Microsoft AntiSpyware, is a software product from Microsoft designed to prevent, remove and quarantine spyware on Microsoft's Windows 2000, Windows XP, Windows Server 2003, and Windows Vista operating systems. It is available as a free download from Microsoft's web site, currently in beta-testing, and will be integrated into future versions of Windows Vista.
Overview
Windows Defender is based on GIANT AntiSpyware, which was originally developed by GIANT Company Software, Inc. The company's acquisition was announced by Microsoft on December 16 2004. While the original GIANT AntiSpyware supported older versions of Windows, support for the Windows 9x line of operating systems was dropped. However, Sunbelt Software, which was originally GIANT's partner, sells a product based on the same technology called Counterspy, which still has support for older Microsoft operating systems.
At the 2005 RSA Security conference, Chief Software Architect and co-founder of Microsoft, Bill Gates, announced that Windows Defender (which was actually known as Microsoft AntiSpyware prior to November 4 2005) will be made available free of charge to all validly licensed Windows 2000, Windows XP, and Windows Server 2003 users to help secure Windows users world-wide against the increasing threat of malware. Microsoft's upcoming Windows Vista operating system will also have Defender included as an integrated part of the operating system, and will be enabled by default.
Windows Defender not only features scanning of the system similar to other free products on the market, but also includes a number of Real-Time Security Agents that monitor several common areas of Windows for changes which may be caused by spyware. It also includes the ability to easily remove ActiveX applications that are installed. Also integrated is support for Microsoft's SpyNet™ network, which allows users to report to Microsoft what they consider to be spyware, and what applications and device drivers they allow to be installed on their system.
Windows Defender is also integrated with Microsoft's Windows Update service to receive the latest definitions and software updates.
Versions
Beta 1
The first version of Microsoft AntiSpyware was released in beta form on January 6 2005 and was based upon GIANT AntiSpyware. Few new features were added over the GIANT product; it was mainly a temporary re-branding release until it could be rewritten in C# and rebranded. More builds were released as 2005 progressed, with the last Beta 1 refresh released on November 21, 2005.
Beta 2
Windows Defender (Beta 2) was released on February 13 2006. It featured the program's new name and a significant redesign, resulting in huge improvements. The core engine was rewritten in C++, unlike the original GIANT-developed one, which was written in Visual Basic. This improved the performance of the application. Also, unlike the earlier release, the program now works as a Windows service, which enables the application to protect the computer even when a user is not logged on. Because of this, the Windows Defender application is technically an interface to the service, which is also called by the same name. In addition, the application now protects more points-of-entry than the original application, while providing a more streamlined and intuitive interface. Beta 2 also requires Windows Genuine Advantage validation. However, Windows Defender, in its current build, does not contain some of the tools found in Microsoft AntiSpyware (Beta 1). What was removed is some functionality of the System Explorer tool found in MSAS (Beta 1) and the Tracks Eraser tool, which allows the user to easily delete many different types of temporary files found in Windows, including cookies, temporary internet files, and Windows Media Player playing history. Microsoft recently released German and Japanese versions of Windows Defender (Beta 2).
Advanced features
Real-time protection
In the Windows Defender Options you can configure the Real Time protection options:
- Auto Start - Monitors lists of programs that are allowed to automatically run when you start your computer
- System Configuration (settings) - Monitors security-related settings in Windows
- Internet Explorer Add-ons - Monitors programs that automatically run when you start Internet Explorer
- Internet Explorer Configurations (settings) - Monitors browser security settings
- Internet Explorer Downloads - Monitors files and programs that are designed to work with Internet Explorer
- Services and Drivers - Monitors services and drivers as they interact with Windows and your programs
- Application Execution - Monitors when programs start and any operations they perform while running
- Application Registration - Monitors tools and files in the operating system where programs can register to run at any time
- Windows Add-ons - Monitors add-on programs (also known as software utilities) for Windows
IE integration
There is integration with Internet Explorer which enables files to be scanned when they are downloaded to help ensure that you do not accidentally download malicious software. This implementation is similar to the real-time scanners of many Anti-Virus products on the market.
Software explorer
The Advanced Tools section allows users to discover potential vulnerabilities for themselves with a series of "Software Explorers". In Beta 1, users were able to browse downloaded ActiveX controls, running processes or Startup programs, Internet Explorer BHOs, settings or Toolbars, the Windows hosts file, Winsock LSPs or Shell Execute Hooks. Windows Defender has removed some of this capability, only providing views of startup programs, currently running software, and Windows sockets providers (Winsock LSPs). The explanation given for removing the ActiveX controls and Tracks Eraser functionality is that that functionality is now found in Internet Explorer 7.
In each explorer, every element is rated as either "Known", "Unknown" or "Potentially Unwanted". The first and last categories carry a link to learn more about the particular item, and the second category invites you to submit the program to SpyNet™ for analysis by experts.
Browser restore
The Browser Restore feature, a component of the previous version, Microsoft AntiSpyware, allowed users to restore all or some of Internet Explorer's settings, such as the default search engine, back to the defaults. This will sometimes revert the changes made by browser hijackers, though further action is sometimes required.
Erase tracks
Microsoft AntiSpyware (Beta 1) contained a track erasing feature which could erase the usage history for various Microsoft and third-party applications. The extent to which such items are really erased is not documented. This feature, however, was removed in Beta 2 and is unlikely to return.
Controversy over name
There is some controversy over the name "Windows Defender" which was acquired from a company supplying software under the same name. Microsoft claims that it is protecting the term "Windows" as their trademark.