Our Editor in Chief Marilyn Cohodas posed some questions on the state of malware prevention in the industry to our readers in her weekly editorial. Below is one of the responses. Read the original editorial.
I should start by saying that I don't believe Microsoft should charge anything for the right to use an antispyware product since it is the design of their OS that allows these to propagate in such numbers. It's kind of a cross between patches and viruses. Microsoft supplies patches free of charge because they recognize them as problems with their code. Microsoft leaves virus protection up to third party vendors so they can make a buck. Spyware is somewhere in between the two because spyware can infect a PC because of the way the OS was designed and coded. I see that as a security screw up which leaves the average user in trouble. Microsoft, therefore, should provide protection from their own mistakes at no charge. Consider it a show of good faith until they can correct (hopefully) those mistakes with Vista.
I'm curious why you feel spyware and malware are under control nowadays. Everything I've read shows both to on a steep rise. While an enterprise can do things like restrict admin access to local PCs (easier than it sounds) the average user is still in bad shape. Again, as long as Microsoft ships the OS or configures the install to make the user an admin by default these problems will continue to exist.
I'm a Microsoft shop so I'm not bailing on the OS but I definitely think MS owes it to their extensive user base to do the right thing. Charging for protection from their own OS is not the right thing.