A year ago at the RSA Security conference, Microsoft mapped out its Windows security roadmap. Some company watchers are speculating Microsoft will use next week's RSA confab provide an update on its progress, and, specifically, to detail its behavioral-blocking technology, code-named "Mako."
Microsoft officials at RSA 2004 said that the company was planning to deliver a family of "Active Protection" technologies to complement the Windows XP Service Pack 2 Windows release, which Microsoft rolled out in August 2004.
Application-aware firewall and intrusion-prevention technologies, which will push the security settings in the existing Windows firewall a step further.
Originally, Microsoft planned to roll the three groups of Active Protection technologies into its Longhorn Windows client, which is slated for delivery in 2006.
But a few months after the RSA security show, Microsoft's Security and Technology Business Unit Corporate Vice President Mike Nash acknowledged that his team wasn't waiting for Longhorn, and, instead, would roll out each group of Active Protection solutions as soon as it was ready.
The first of the Active Protection technologies likely to go live, Nash told Microsoft Watch last spring, was behavioral blocking.
Security sources close to Microsoft said that Microsoft is using the "Mako" code name to refer to these behavioral-blocking technologies.
It's not yet clear how Microsoft will make the Mako technology available in advance of Longhorn. If Microsoft follows past patterns, the company would likely release the Mako code first as a Web download, and then later as an integrated part of Windows XP Service Pack 3. Microsoft officials have not said yet when the company plans to deliver a third service pack for XP.
Microsoft partners had their own theories about what form Mako might take and how and when Microsoft might deliver it.
One official with a security vendor working with Microsoft, who requested anonymity, said he thought Microsoft would build on the behavioral-blocking technologies that already are part of the Windows Antispyware product that Microsoft released into beta earlier this month. Microsoft's anti-spyware product is built on top of code that Microsoft purchased when it bought Giant Company Software in December.
Another security source, who also requested anonymity, said he thought Microsoft might roll the behavioral-blocking technology into Microsoft's malicious software removal tool, code-named Titan. Microsoft rolled out this tool earlier this year and is planning to update it each month on "Patch Tuesday." The tool pushes out to Windows users Microsoft's latest virus patches and fixes.
How and whether Mako will be part of Microsoft's forthcoming "A1" anti-virus/anti-spyware/firewall subscription service also is not clear. Microsoft partners said they have seen alpha versions of A1, and expect Microsoft to roll out the fee-based, hosted security service later this year. Microsoft officials have declined to comment on — or even acknowledge — the existence of A1.
Microsoft officials declined to comment on the company's RSA rollout plans in advance of next week's show.
(This is an updated version of an article which appeared in the January 6, 2005, issue of the Microsoft Watch newsletter. Want to see what other Microsoft news nuggets you might have missed? Sign up today for a free two-week trial subscription to Microsoft Watch.)
