The Microsoft Active Protections Program (MAPP) was launched in 2008 to give antivirus vendors a head start against malware developers. Vendors can get information from Microsoft bulletins before it gets shared with the public, and release their signatures immediately after the bulletin is published. Microsoft is now planning to introduce some major changes to MAPP, according to the latest progress report of MRSC, the Microsoft Security Response Center.
MAPP will be renamed MAPP for Security Vendors and become a part of a larger program, and some trusted vendors will get a three day window to come up with their signatures for vulnerabilities instead of the current one-day one. A new program, called MAPP for Defenders will concentrate on threat intelligence where incident responders will get critical intelligence but are required to share theirs. Microsoft will contribute by sharing malicious URLs and other threat indicators.
A new cloud-based service, MAPP Scanner will allow participants to scan Office and other files and URLs to find out if they are malicious or not. The service will use virtual machines with all Windows versions to run its scan. This is a new way for Microsoft to discover new attacks and unknown activities.
