Spyware, viruses, trojans, rootkits - these are the smallpox and tuberculosis of the noughties.

Like infectious diseases, Malware is constantly evolving. Attacks are getting more sophisticated, and motivation is changing - once it was just vandalism, now it is information theft for financial gain, espionage, or terrorism.

Help is at hand with anti-malware tools which Scan, Detect and Remove and are generally supported by engineering response teams kept on their toes checking the evolving threat profiles out on the Global Interweb.

The desktop admin can take several courses of action: he can "harden" the desktop, put in place robust defences at all network boundaries, and of course install client anti-malware management software.

Malware is a broad term. As well as the "virus" concept, which most in the IT industry will understand or have been affected by, there are rootkits, which alter reality by running below the APIs at "kernel" level. These make the PC into a basket case, whilst all the time it insists it is perfectly healthy. Blended threats can be crafty - first the user is encouraged to download innocuous smileys or web search toolbars and the like, and these later pull down something more malicious. This may include keyloggers stealing passwords and credit card details, or bots which can be installed to give an attacker control of the machine.

Scarily, these can be orchestrated into WebBot armies to attack websites. There is speculation that Mr. Putin and the Kremlin used these means to deliver a web attack on its smaller neighbor, with the cyberattack against Estonia in April.

Malware has parallels to infectious diseases in that the most robust defence is mass inoculation. Microsoft's integrated approach is to have a unified anti-malware engine. This is made available to all through Windows Defender, installed with Vista, and downloadable on XP. This offers scan-based and real-time detection and removal of spyware threats, and is based on the codebase acquired with GIANT some years ago. It stops short of full AntiVirus protection though.

For AV, one must upgrade to Windows Live OneCare, a paid-for service which includes AV scan and removal, as well as a suite of useful services for your average PC-owning punter, including performance optimisation.

Microsoft's trump card in the quality of protection its tools provide is that it can draw on valuable experience from the operation of services like Hotmail, the freely downloadable Defender, and edge tools such as Exchange Hosted Services.

This broad awareness of threats and attack vectors, coupled with huge investment in security research and work with independent security agencies and law enforcement, means that Microsoft's response and updates can rapidly reflect changes in the threat landscape.

Whilst the above tools are broadly applicable to everyone, they do not scale to the needs of the typical enterprise, which must have a broad view of security threats across all infrastructure - PC, network, mobile devices, applications, etc.

Enter Microsoft Forefront Client Security - this directly addresses the needs of the hard-pressed IT manager by providing streamlined management and reporting within the corporate environment, covering not only the client PCs but also protecting the server infrastructure.

FCS comprises a security agent and a management server/toolset. Wisely, the platform makes use of existing infrastructure to deliver AV and malware definition updates (Microsoft Update/WSUS or SMS) and to deliver policy for how managed clients should behave (Active Directory Group Policy). This gives the kind of control required in the average corporate environment, where one man's spyware is another man's useful network monitoring tool.

Likewise, FCS collects security events from clients and servers, which roll up into management reports. This event collection mechanism is based on the proven infrastructure of System Center Operations Manager (and indeed can integrate with the full version if present) to ensure that the IT operations people are fully aware of all issues affecting the integrity of their network, and understand what measures they can take to mitigate risks and react to exposures.

Furthermore, FCS provides a security state assessment tool which can proactively report en masse on an organisation's state of readiness - is the PC "well hard" (like Vladimir above), up to date with the latest security patches, appropriate firewall settings, etc.

Forefront Client Security is available through Microsoft Volume Licensing routes on a per-user/device regime for the client agents, and a per-server model for the management server. Many customers may acquire management tools such as FCS and System Center Operations Manager through their inclusion in the Enterprise CAL suite.

Several forward-thinking Microsoft Partners in Scotland are taking advantage of the Service Provider Licensing Agreement (a model where the software is hosted and made available for a monthly fee) to offer managed services to customers. This allows businesses to outsource security assessment, reporting and alerting of their IT assets to a business partner - a model which is increasingly attractive to small and medium-sized businesses.

Incidentally, if you are a partner and want to hear more about SPLA licensing, you might like to attend the Licensing Workshop for Partners next Weds Nov 14th.