dcsimg
RealTime IT News

Security Vendors Have a Vista Bone to Pick

Security vendors have a bone to pick over Microsoft's  pledge to open its upcoming Vista operating system to third-party applications.

They claim the pledge is nothing more than lip service. They want more.

Microsoft, meanwhile, has scheduled a meeting with the vendors to hash out the issue over security and access to the Vista kernel.

The development comes after Microsoft told European regulators last week that it won't shut out Symantec  and others from Vista.

But as Microsoft pushes for a January 2007 general release of Vista, the arguments are growing more heated over what companies such as Symantec and McAfee  call the software giant's refusal to open its Windows kernel to third-party access until after the OS reaches store shelves.

At the heart of the controversy is Vista's kernel, now protected by Microsoft's PatchGuard.

This week, Microsoft released documents on how third-party security software can use the dashboard, which displays the status of security items such as firewall and virus protection. Security firms argue they need access to PatchGuard to deploy the many security features.

Microsoft argues that PatchGuard access needs to be controlled. For the 64-bit version of Vista that access may not come until months after Vista's release.

"Our goal is to make the first set of APIs available in SP1 (Service Pack 1)," a Microsoft spokesman told internetnews.com.

JupiterKagan analyst Joe Wilcox said since it is likely Vista SP1 won't be released any sooner than 12 months after the January 2007 original unveiling of Vista, the vendors could be looking at an 18-month wait following Vista's debut.

For McAfee, that's just too long.

"It is not at all acceptable for Microsoft to wait until a service pack and not offer us kernel access until after the launch of Vista," Siobhan MacDermott, McAfee's corporate spokesperson, told internetnews.com. McAfee urged Microsoft to give security vendors access to the kernel "and not wait until the 11th hour so we can offer our customers the best protection."

McDermott argued that Microsoft is not cooperating with security vendors. "In fact, we have not received anything at all from Microsoft concerning PatchGuard," she said.

Symantec, another security vendor with an issue with Microsoft, said the same thing.agreed.

"We have not received anything about PatchGuard," said Chris Paden, a Symantec spokesperson. "They refused to do anything about this."

Users "are facing a dire situation if Vista ships as it is," Paden warned. Symantec believes Vista users will be less secure if no access to PatchGuard is provided.

In response, Microsoft announced it will meet with security vendors later this week to hammer out a timetable for developing 64bit-APIs to be released following Vista's introduction.

Symantec said features such as blocking viral attacks and malicious behavior won't work with Vista's tamper-proof protection. Such obstacles had caused Symantec to lobby European regulators to demand Microsoft to allow third-party security vendors inside PatchGuard.

Paden said Microsoft "has rigged PatchGuard to blue-screen a customer" if there are attempts to circumvent the Vista kernel protections.

George Heron, McAfee's chief scientist, added: "Our customers will be the ones suffering. That means they will be less safe."

However, Microsoft calls such unfettered access to its system a clear security risk.

"Giving an ISV (independent security vendor) an API to turn off or bypass Kernel Patch Protection could result in customers' experiencing stability and reliability issues, not to mention security threats," a Microsoft spokesperson told internetnews.com. The software maker said it wants to work with software vendors to develop approved interfaces to the kernel.

At the same time, Microsoft "must balance the needs of independent security vendors with the needs of protecting customers." Other security vendors, including Trend Micro, F-Secure and Computer Associates are already providing customers with products for the pre-released version of Vista, a Microsoft spokesperson pointed out.

The question is whether Microsoft can prevent the bad guys from accessing the kernel while keeping the security cops at bay, said JupiterKagan's Wilcox. Hackers have had months to test exploits against the PatchGuard included with the 64-bit Windows XP, he added.