Anti-Malware Engineering Team

This blog provides information about what's happening in the anti-malware technology team at Microsoft. We're the team that builds the core antivirus, antispyware, anti-rootkit, and related technology, which is then used across a number of Microsof

  • Notes from EICAR

    Hello folks. Jeff Williams, Tony Lee, Jigar Mody, and I have returned from the EICAR conference in Hamburg, Germany which, as a port city with a similar climate, reminded me of Seattle (but with more bratwurst). The event itself was well-organized...
  • VirusTotal Participation

    Hi, this is Ziv Mador again from the Microsoft Anti-Malware team. This week, the folks over at VirusTotal added the Microsoft anti-malware engine to their service. VirusTotal is a free service that enables users to submit suspicious files to be scanned...
  • On the Road at Infosecurity Europe and EICAR

    Eric Allred and I are in London for the Infosecurity Europe conference. We spent the last two days on the conference floor with the Microsoft UK team, talking to customers and partners about Windows Defender, Windows Live OneCare, Microsoft Client Protection...
  • Windows Defender Beta 2 Refresh

    Today, we released a refresh of Windows Defender (Beta 2) which includes updates based on the customer feedback that we have received through this blog and the newsgroups. This update also addresses some issues that have been brought to our attention...
  • News on Alcan, Mywife.E

    In Bill Gates' keynote at RSA in February, one of the subjects he spoke on was the ability for Microsoft to have a comprehensive view of the evolving threat landscape using the information and feedback from such tools as Hotmail, Watson, the Windows Malicious...
  • Windows Defender Beta 2: Updated Version Available

    An updated version of Windows Defender Beta 2 is now available from the Microsoft Download Center. This update resolves the two issues described in the below blog post relating to non-English versions of Windows and referenced in KB915087. If you are...
  • Windows Defender Beta 2: Update

    Hi all, We’ve gotten some great feedback from places like this blog and our support newsgroups about the recently released Windows Defender Beta 2. We really appreciate the enthusiastic participation! Some of this feedback has allowed us to identify...
  • Announcing Windows Defender Beta 2

    Hi, I'm Adam Overton, the group program manager for the anti-malware technology team. I'm very excited to be blogging today about the availability of Windows Defender Beta 2 which was announced by Bill Gates at his RSA conference keynote earlier this...
  • Notes from the Anti-Spyware Coalition (ASC) Public Workshop, etc.

    Hello, my name is Jeff Williams. While I'm new to the team, I'm not new to our efforts in this space as I've worked with the team for almost two years in my previous role. I've just returned from a trip to Washington DC last week to attend the ASC Workshop...
  • The Mywife.E Worm: Update # 2

    As we pass noon on Monday, here in Redmond, we are happy to see that the Mywife.E worm (aka CME 24) turned out to be more hype than reality. Our product support departments (including calls to our free virus support line: 1-866-PCSafety) around the world...
  • The Mywife.E Worm: Update

    Microsoft has posted an advisory for the Mywife.E worm that provides information on the threat and suggests possible mitigations. To help detect and remove the infection from a computer, we recommend using the Windows Live Safety Center Beta at http:...
  • The Mywife.E Worm

    Here is an update from the Microsoft anti-malware team regarding the recent variant of the Mywife mass mailing worm. The mails' subject and body may vary. However they include an attachment that looks like a ZIP file while it is actually a malicious executable...
  • December Update for Windows Malicious Software Removal Tool Released

    Yesterday we released this month's update of the Windows Malicious Software Removal Tool. This update includes three new malware families: F4IRootkit, Ryknos, and IRCBot. This tool now cleans over 50 of the most prevalent malware families. This...
  • Windows OneCare Live Beta Available!

    On Tuesday, the Windows OneCare team announced the availability of the beta of Windows OneCare Live – a comprehensive PC health service for consumers, which offers an integrated approach to help consumers more easily protect and care for their computers...
  • Anti-Malware White Papers Posted

    Hi, Matthew Braverman here again. In early October, members of Microsoft's anti-malware team attended the 2005 Virus Bulletin Conference in Dublin, Ireland. This is one of the top three annual antivirus industry conferences, and was an excellent opportunity...
  • Extending the expiration date for Windows AntiSpyware Beta 1

    Hi, I'm Sterling Reasor, a program manager for the current Windows AntiSpyware beta and forthcoming Windows Defender. A few days ago we posted an update to the Windows AntiSpyware beta and yesterday, we turned on the auto-updater code to automatically...
  • Sony rootkit signatures now available

    Hi, we are Eric Allred and Ziv Mador, response coordinators for the anti-malware technology team. We have analyzed several versions of the rootkit that have been shipped as part of Sony’s XCP software. We are calling the family WinNT/F4IRootkit. We...
  • Sony DRM Rootkit

    I've been getting a lot of questions in the last week about Microsoft's position on the Sony DRM and rootkit discussions, so I thought I'd share a little info on what we're doing here. We are concerned about any malware and its impact on our customers...
  • What's in a name?? A lot!! Announcing Windows Defender!

    Every week seems like a big week for us in the engineering team working on our anti-malware technology. However, last week was especially important in a sentimental way. We got the final name for the cool technology our team has been developing for Windows...
  • Introducing the Windows Live Safety Center (Beta)

    Hi all, my name is Matthew Braverman and I'm a program manager on the anti-malware technology team at Microsoft. On Tuesday, Bill Gates and Ray Ozzie introduced the new Windows Live and Office Live services. One of the highlights of this launch was...
  • Welcome to the Anti-Malware Engineering Team's Blog!

    Welcome! This is the team blog for the Anti-Malware product team. We're the team responsible for building Microsoft's antivirus and anti-spyware technology (along with anti-rootkit, anti-bot, and other stuff). We set up this blog some time back, but have...