Microsoft buys anti-root kit company
Microsoft has purchased Komoku, a US startup company founded in 2004 that develops root kit detection systems. Komuku's technology, derived from a University of Maryland research project, will be incorporated into Microsoft's Forefront anti-malware products for corporate users and OneCare for end users. The purchase gives Microsoft a foot in the doors of some US government agencies.
Komoku has developed a PCI card root kit detector called CoPilot, which constantly monitors the computer's RAM and file system. The company also supposedly has a software-based root kit detector called Gamma, which sniffs out anomalies in the operating system that suggest root kit activity. Both products rely on Symantec LiveState to disinfect and restore the system. The Defense Advanced Research Projects Agency (DARPA), the Department of Homeland Security (DHS) and the US Navy funded the development of this anti-root kit technology.
Microsoft's OneCare could use a bit of help in root kit detection. In the last (c't virus scanner test) OneCare was scarcely able to detect any active root kits. But at least as important to Microsoft is access to the government security market. Komoku's clients include finance institutions and the US Department of Defense (DoD).
Details of the purchase are not currently known. A spokesperson for Microsoft told US media that the corporation was not yet ready to discuss the details of the acquisition.
- Microsoft Acquires Komoku, announcement in Microsoft's Forefront Developer Blog