Microsoft patented new technology that creates an environment where malware applications can be detected by the behavior characteristics of the programs.

This will enable the security applications to detect and prevent malware programs from entering operating systems and creating havoc.

The technology’s inventor, Microsoft’s Adrian Marinescu, explained that suspected malware would be taken to a virtual sandbox where the executable code could be examined and determined whether it was friend or foe.

Marinescu wrote, “The virtual operating environment confines potential malware so that the systems of the host operating environment will not be adversely effected [sic] during simulation,” the patent says. ”

As a program is being simulated, a set of behavior signatures is generated. The collected behavior signatures are suitable for analysis to determine if the program is malware.”

The patent included technology to recognize the base behaviors of malware rather than the traditional way of waiting for infections to happen and then relying on signature codes to identify and attempt to correct the damage. Since the major chunk of malware that is released is simply re-written older code from other malware programs, using the base behaviors will potentially help to stop a host of system infections.

The patent has been ongoing  since 2004, and Microsoft has not stated yet when or where this new patent will be used in its existing or upcoming products.