When a world-wide virus strikes, who gets the blame? The antivirus vendors? You might think they would as their products failed to protect but, in fact, the bile is generally directed at the company with the most software in use around the world: Microsoft. Hardly surprising, then, that last week it bought an anti-virus company, choosing Romania's GeCAD Software. GeCAD's RAV AntiVirus is regarded as the best product available for Linux.

Microsoft's attempt to improve its security - based on its Trustworthy Computing initiative - has led to a number of recent announcements. These include new anti-virus application programming interfaces (APIs) for Exchange Server 2003, and for Microsoft Word 2003. The new APIs will make it easier for antivirus vendors to write their code in such a way as to more easily protect our systems.

Microsoft has also formed an alliance with Network Associates Inc and Trend Micro Inc called the Virus Information Alliance (VIA), the idea being that they will provide Microsoft customers with up-to-date information on virus incidents. VIA offers an extremely useful website, with some excellent documents on best practices for security, available tools, how to use your operating system in a more secure manner, and so on.

Microsoft also announced the Windows File System Filter Manager Architecture, an open and freely available architecture that antivirus vendors can easily plug into, thus ensuring that future antivirus software will work better with Windows. One key element is that the new architecture will enable you to run multiple antivirus software packages on the same system.

The stated reason for this is that it provides greater resiliency against attacks, because if one vendor's prod uct misses a new virus, another might well catch it. And of course, not coincidentally, Microsoft will be able to take advantage of it using the technology it has acquired with GeCAD Software.

I applaud this move by Microsoft. I even hope it gives away its antivirus software to those that are satisfied with say, daily updates, and perhaps only charges those who want a genuinely live update service.

Why would Microsoft want to do this? It is because it wants everyone to visit the soon-to-be new Windows Update site as often as possible. A good way to get people to do that would be to have antivirus signatures available as part of the download.

While you visit the site, Microsoft will offer to scan your system for upgrades, and then show you what patches are available. If it can get the vast majority of people patched right across the board - OS, applications, etc - it will dramatically lower its technical support costs. It could be by such an order of magnitude to easily justify free antivirus software.

The antivirus vendors will be quietly gnashing their teeth, because the last thing they want is an architecture that enables you to run more than one product at a time. They like annual fee payments, and work hard to convince you that the software you use is the best. With an architecture that enables you to run multiple software versions, you will be able to see who really has the best.

This doesn't sound a death-knell for antivirus vendors, but it is a huge wake-up call. Microsoft provides a free firewall, but that hasn't put firewall vendors out of business: it simply forced them to add value.

Interestingly, Microsoft is not saying whether the new "let's all live together" architecture will be retrospectively applied, or whether it will just be for Windows Server 2003 and Longhorn, the next desktop version.