The Redmond, Wash.-based developer joins other security vendors -- including some which acted a week earlier -- to label the copy protection as spyware.
"We have analyzed this software, and have determined that in order to help protect our customers we will add a detection and removal signature for the rootkit component of the XCP software to the Windows AntiSpyware beta," wrote Jason Garms, the group program manager for Microsoft's anti-malware team, on his blog Saturday.
"Rootkits have a clearly negative impact on not only the security, but also the reliability and performance of their systems," added Garms.
Microsoft plans to update Windows AntiSpyware, it's stand-alone spyware sniffer, and Windows Live Safety Center, a free online anti-virus service it launched earlier this month. No date was given for the availability of either update.
Next month, Microsoft will also add the Sony rootkit to the worms, Trojans, and viruses detected and deleted by Windows Malicious Software Removal Tool, which is updated and re-issued the second Tuesday of each month.
Sony's copy-protection scheme has been under fire since the month began, with security researchers and vendors blasting Sony for using the rootkit, which could be used by attackers to hide malicious code. At least two Trojan horses using the Sony rootkit for just that purpose have been spotted.
Microsoft was not the first to blacklist the rootkit. Earlier, security firms such as F-Secure and Computer Associates had labeled slapped a spyware label on Sony's copy-protection.
Friday, Sony said it would discontinue the copy-protection.
Microsoft's move should be applauded by an overwhelming number of users, said U.K.-based security company Sophos, which on Monday released the results of an online poll that showed 98 percent of system administrators consider the Sony rootkit a security threat.
"System administrators have a very low opinion of any code which endangers the safety of their networks, and they have sent a loud and clear message to Sony and other companies that this kind of code is unacceptable," said Graham Cluley, a senior technology consultant at Sophos.
"In taking aim at the music pirates, Sony succeeded only in shooting itself in the foot."