Microsoft makes second acquisition related to fighting rootkits

Microsoft announced today that it acquired startup Komoku, a company specializing in rootkit detection and protection solutions. The deal marks Microsoft's second purchase related to fighting rootkits.

Komoku is headed by sixteen-year information security veteran Dr. William Arbaugh, and former Silicon Graphics Inc. and Atheros Communications engineer Jeffrey Chung.

The Maryland-based group was founded in 2004 and has worked extensively with U.S. government agencies including the Department of Defense and Department of Homeland Security.

The company offers both hardware and software-based solutions geared toward larger-scale enterprise deployments. Komoku's CoPilot PCI card monitors the host's memory and file system, and its Gamma software solution finds operating system anomalies attributable to rootkit infection.

In 2005, Microsoft warned of the impending threat of rootkits, which at the time were largely undetectable by consumer antivirus applications. Rootkits, by design, are intended to establish a command position at root, or administrative, level.

The risks posed by rootkits was thrust into the public spotlight in 2005 when Sony BMG was found to be using rootkit cloaking technology to hide digital rights management software on customers' computers. Outrage over the incident led to a class action lawsuit, and a public apology from Sony BMG executives.