AV firms, Apple and Secunia embroiled in MS spats.
Operating system giant
Microsoft
is engaged on multiple fronts in a series of security-related PR battles.
The longest running dispute, concerning access to the forthcoming
Vista
release of
Windows
, has become increasingly heated, as
McAfee
and
Symantec
, after lengthy lobbying for more information and control, have not only criticised concessions made by
Microsoft
as inadequate and too late, but claim the promises are unlikely to be fulfilled.
After
Kaspersky
came out on
Microsoft
‘s side some time ago,
Sophos
has now weighed into the battle with a strongly worded
statement
from skyscraping CTO Richard Jacobs, claiming the likes of
McAfee
and
Symantec
have made inadequate preparations for the
Vista
release.
McAfee
has responded by suggesting, in a press release from its VP of Worldwide Corp Comms Siobhan MacDermott, that
Sophos
is unaffected because it is a ‘single product vendor’, unlike ‘innovative security risk management vendor’
McAfee
.
Other battles involving
Microsoft
include the recent
virus-infected
iPod
issue. After
Apple
‘s
support page
warning customers of the danger included criticism of
Microsoft
for making its OS vulnerable to such malware,
Microsoft
release scanning expert Jonathan Poon retaliated in a
personal blog
slamming both
Apple
‘s attitude and its security know how.
On a more traditional front,
Secunia
released
details of a vulnerability in
IE7
last week, less than a day after full release of the new browser. The report on a content disclosure hole in mhtml handling was then described, in a
Microsoft Security Response Center
blog entry
, as ‘technically inaccurate’ – the flaw, claimed blogger Christopher Budd, was in
Outlook Express
not
IE7
.
Secunia
has responded by rubbishing the
Microsoft
statement, insisting that the bug is correctly labelled as it affects users of
IE7
, and that
Microsoft
‘s spin not only attempts to hide the problem, but also risks causing confusion among users and admins.
‘
Microsoft
‘s reputation for security has always been shaky,’ said John Hawes, Technical Consultant at Virus Bulletin. ‘With all these debates raging, it’s going to be hard for them to improve their credibility and reestablish trust among their user base. It’s important to remember that while news and PR can be spun and distorted, in the long term it’s sound products and policies that really count.’
On the horizon, an entry in anti-spyware firm
Sunbelt Software
‘s
blog
shows
Microsoft
hijacking the
SpySweeper
trademark of fellow spyware-stopper
Webroot
, and claims the example disproves
Microsoft
‘s claims not to be targeting users of existing security products.
Posted on 24 October 2006 by
Virus Bulletin
Leave a Reply