Security Vendors Have a Vista Bone to Pick

Microsoft calls meeting to soothe vendors' ruffled feathers over access to kernel.
Security vendors have a bone to pick over Microsoft's (Quotepledge to open its upcoming Vista operating system to third-party applications.

They claim the pledge is nothing more than lip service. They want more.

Microsoft, meanwhile, has scheduled a meeting with the vendors to hash out the issue over security and access to the Vista kernel.

The development comes after Microsoft told European regulators last week that it won't shut out Symantec (Quote) and others from Vista.

But as Microsoft pushes for a January 2007 general release of Vista, the arguments are growing more heated over what companies such as Symantec and McAfee (Quote) call the software giant's refusal to open its Windows kernel to third-party access until after the OS reaches store shelves.

At the heart of the controversy is Vista's kernel, now protected by Microsoft's PatchGuard.

This week, Microsoft released documents on how third-party security software can use the dashboard, which displays the status of security items such as firewall and virus protection. Security firms argue they need access to PatchGuard to deploy the many security features.

Microsoft argues that PatchGuard access needs to be controlled. For the 64-bit version of Vista that access may not come until months after Vista's release.

"Our goal is to make the first set of APIs available in SP1 (Service Pack 1)," a Microsoft spokesman told

JupiterKagan analyst Joe Wilcox said since it is likely Vista SP1 won't be released any sooner than 12 months after the January 2007 original unveiling of Vista, the vendors could be looking at an 18-month wait following Vista's debut.

For McAfee, that's just too long.

"It is not at all acceptable for Microsoft to wait until a service pack and not offer us kernel access until after the launch of Vista," Siobhan MacDermott, McAfee's corporate spokesperson, told McAfee urged Microsoft to give security vendors access to the kernel "and not wait until the 11th hour so we can offer our customers the best protection."

McDermott argued that Microsoft is not cooperating with security vendors. "In fact, we have not received anything at all from Microsoft concerning PatchGuard," she said.

Symantec, another security vendor with an issue with Microsoft, said the same thing.agreed.

"We have not received anything about PatchGuard," said Chris Paden, a Symantec spokesperson. "They refused to do anything about this."

Users "are facing a dire situation if Vista ships as it is," Paden warned. Symantec believes Vista users will be less secure if no access to PatchGuard is provided.

In response, Microsoft announced it will meet with security vendors later this week to hammer out a timetable for developing 64bit-APIs to be released following Vista's introduction.

Symantec said features such as blocking viral attacks and malicious behavior won't work with Vista's tamper-proof protection. Such obstacles had caused Symantec to lobby European regulators to demand Microsoft to allow third-party security vendors inside PatchGuard.

Paden said Microsoft "has rigged PatchGuard to blue-screen a customer" if there are attempts to circumvent the Vista kernel protections.

This article was first published on To read the full article, click here.

Comment and Contribute


(Maximum characters: 1200). You have characters left.