Eons ago, in a day before my time, Douglas Macarthur once said that he would return. When he returned and set foot on one of the islands in the Philippines, he said that famous phrase, "I have returned." (Unfortunately for him, Ahnold Schwarzenegger's line "I'll be back" seems to have superceded "I shall return" in more recent times - I would wager that the difference makes for a good history test question).
In roughly the same way that Macarthur returned, Microsoft today dropped a bombshell on the anti-virus companies. In my automatic updates in-box resides something called the "Malicious Software Removal Tool," which will get installed before the next reboot in roughly 23 days from now. Microsoft is wisely being very careful as they cautiously step on anti-virus vendor's toes not even daring to call it an anti-virus tool.
Most people will not remember back to the Windows 3.x days as Microsoft was busy trying to define what the company would be and do. Back then, Win 3.x shipped with several tools that were eliminated when Win95 came out. One of those tools happened to be an anti-virus tool. Microsoft pulled out of that arena because they didn't feel it was profitable. Now they want back in. They recently bought out a spyware company and released their tool for free this week. This latest tool seems to be following that trend. All of this is being done in the name of "security," of course. Whatever. If "security" sells, Microsoft will buy, and their marketing department will turn it into a Flash animation.
The problem is that anti-virus vendors who aren't reading this blog right now will be left in the dark until it is too late. Let me point out that the same engine (code-wise) that drives anti-spyware applications is extremely similar in nature to the code one might write if they were making an anti-virus application. What the anti-virus vendors have failed to do is equate spyware with viruses. Microsoft has wanted to get back into the anti-virus arena since Win98 because it turns out that anti-virus software IS profitable. The problem is that they can't afford another anti-trust lawsuit with harsher punishments (the last one didn't do anything to them). So, what Microsoft has done is, in timeline order:
1) Declared that the company's theme is "security". Got marketing that message ASAP.
2) Waited to see if spyware would be equated to viruses.
3) Saw that no major anti-virus vendor declared spyware was a virus.
4) Released XP SP2 (Windows XP's Service Pack 2 contained a hint that Microsoft might be developing an anti-virus tool).
5) Sought a good anti-spyware vendor that might be willing to sell their engine.
6) Bought out said anti-spyware vendor.
7) Started experimentation with the engine to turn it into an anti-virus engine.
8) Released the anti-spyware product.
9) Released an anti-virus tool to test the waters.
They can logically argue in court that an anti-spyware engine is the same thing as a anti-virus engine (which it is - most spyware tools are starting to use heuristics and signature files), so they just happened to have virus definitions to fix a problem users were having.
If I were an anti-virus vendor, I would start doing one of two things:
1) Find something else to do not related to anti-virus stuff.
2) Hook up with my anti-virus buddies and drop a train, I mean, anti-trust lawsuit onto Microsoft. (http://www.homestarrunner.com/sbemail118.html).
I would NOT sit back and wait for Microsoft to develop a full-blown anti-virus tool. That would be stupid. I think most of the really smart people saw this day coming back at #1 (the rest saw it coming at #4 and if you saw it just today...). All the anti-virus vendors had to do to keep Microsoft out of the game was to add spyware to your virus definitions list, but now it is too late. Microsoft has invested in the technology and they are out. It is only a matter of time. Game over.