Is Microsoft Blocking Antivirus Apps from Windows RT?

If you’re looking to buy a Windows RT tablet, security vendors said, don’t expect to be able to protect it with third- party antivirus or other security software. In fact, it seems that Microsoft may block third-party antivirus vendors from developing security solutions for Windows RT.

Microsoft won’t allow such software to be sold on its online store, which is the only way to load applications onto Windows RT devices, security vendors say. It’s not known whether Microsoft will develop its own security solution for Windows RT, although most security observers assume Microsoft will do so.

Unlike Windows 8, with which it shares code and most of a name, Windows RT is both a different operating system and a new business model for Microsoft. While Windows 8 runs on traditional Intel processors, Windows RT is compiled for the low-power ARM chips that power the vast majority of the world’s smartphones and tablets. Applications written for Windows RT can run on Windows 8, but a Windows 8 app must be specially compiled to run on both Windows 8 and RT - something most apps apparently do, Microsoft says.

Security Is Locked Out Of The Windows Store

Thats only part of the difference. Users can load whatever they software they wish onto Windows 8 machines, via DVD or online distribution. but Windows RT apps can only be downloaded from Microsoft’s online store. And that’s the problem, according to Gerry Egan, a senior director of product management for the Security Technology and Response Group at security vendor Symantec.

McAfee's Marcio Mello, Sr. Director of Product Management, agreed. “Windows RT (as a SKU) is completely closed on the Desktop side. There’s no Win32 API there and there’s no way for an [anti-malware anti-virus] vendor to deliver their apps on Windows RT/ARM.”

So despite the uncertainty,  will Symantec design a version of its software for Windows RT? “The answer is yes,” Egan said. “The question is whether we can, or whether there will be a need to. We predict that there will be a need to, and we’ll have to work with Microsoft to figure out how we can, and remain in compliance with their store policies."

So far, the “jury is still out on the dynamics of the Windows RT marketplace,” Egan explained. “We don’t know what Microsoft’s next moves are going to be.”

Microsoft: “No Comment”

When asked to clarify the situation, Microsoft representatives declined to comment. “Microsoft has nothing to share on the topic at the moment,” a Microsoft spokeswoman said via email. “We’ll let you know if that changes.”

Until Windows RT is successfully attacked - and it hasn’t been yet, at least publicly - any confusion will be from longtime Windows users, who have become accustomed to installing an antivirus package to defeat malware. The questions will be whether or not Windows RT will actually need antivirus software - and whether or not consumers will ask for it out of habit. Security vendors noted that Windows RT may act like Apple’s iOS - security solutions are available, but most consumers simply don’t bother.

A representative from security competitor Kaspersky Lab confirmed that the company’s Kaspersky Internet Security and Kaspersky Antivirus would not run on Windows RT. “Our KAV/KIS 2013 should work fine on the Surface Pro but will not work with RT,” he said in an email.

Microsoft hasn’t publicly revealed whether WindowsRT on ARM will be able to run legacy products, like older versions of the Kaspersky software, the Kaspersky spokesman said. “We hear that Symantec is developing plug-ins for the RT ARM version, but we’re not committed one way or the other on developing something for RT,” he said.

A spokesman for AVG, a popular antivirus software package, said that the company also hasn’t decided whether or not to develop a Windows RT solution. But the typical development time would be between 5 to 8 months, he said, pushing a release well beyond Windows RT’s October launch date.

Stores' Security Can Vary

Microsoft’s strict Store policies are actually a security measure in their own right, Symantec’s Egan noted. Both Apple and apparently Microsoft maintain high levels of control over their online apps stores, and the amount of malware on Apple’s iOS app store is very small.

On the other hand, Google has curated the apps on its Google Play store much more lightly, and allows users to “sideload” apps downloaded from other stores. That, in part, has led to an enormous spike in Android malware; up 472% from July 2011 through November 2011, with thousands of new versions of Android malware found recently.

 

Security image courtesy of Shutterstock.