RealTime IT News

Microsoft, McAfee Trade Barbs Over Vista Security

The war of words continues between Microsoft and the top independent security software makers.

The software giant today called a statement by security vendor McAfee "inaccurate and inflammatory." Meanwhile, it could be years before Microsoft changes Vista security, according to a research firm.

Despite a last-minute conference call arranged by Microsoft to iron out details concerning access by security vendors to the 64-bit version of the upcoming Vista operating system, McAfee said it was "disappointed" by what the second-place security vendor called "hollow assurances" made by the software giant.

"Despite pledges, press conferences and speeches by Microsoft, the community of independent security companies that consumers rely on for computer protection has seen little indication that Microsoft intends to live up to the promises it made last week," McAfee outside attorney Christopher Thomas said in Brussels Thursday night.

Microsoft told EC regulators it would work with vendors permitting outside security applications to work with new security features used by Vista.

The promise, followed by the release of some APIs providing controlled access to Windows Security Center, doesn't go far enough, argued Symantec and McAfee.

Although Microsoft released APIs allowing security vendors to replace Windows alerts with their own, the APIs didn't provide "hooks" into the 64-bit kernel, fenced off by Kernel Patch Protection, or PatchGuard.

Since Vista, for the first time, will ship with both 32-bit and 64-bit versions on the same disc, access to the kernel is needed for all security features to work, the vendors said.

Thursday, Microsoft announced it would make API hooks into the 64-bit kernel available with the first Vista service pack. Word that access to the 64-bit kernel could be delayed had security vendors in an uproar. But Microsoft denied it was dragging its feet.

"It's unfortunate that McAfee's lawyers are making these kinds of inaccurate and inflammatory statements," Ben Fathi, corporate vice president of Microsoft's Security Technology Unit.

Fathi said Microsoft has taken a number of steps to address the vendors' complaints, including Thursday's meeting.

However, in a statement, Fathi said an agreement on accessing the 64-bit Vista kernel will happen "in the months ahead."

Neil MacDonald, a security research for Gartner, believes it will be years before Microsoft gives vendors access to the 64-bit kernel. This means non-Microsoft security products will ship without full functionality.

Many security features offered by Symantec and McAfee involve detecting malicious behavior or intrusion prevention.

Security is no longer about antivirus or anti-spyware.

The sort of features that could differentiate Symantec or McAfee from Microsoft's own security products won't be possible without access to the 64-bit kernel, MacDonald told internetnews.com.

Gaining access to the Vista kernel is "a very real concern for McAfee and Symantec," MacDonald said. With pressure from the EC lessened, it is up to enterprises to press Microsoft to provide a date when it will offer rival security vendors kernel access.

"With antitrust concerns temporarily satisfied, Microsoft may feel less pressure to make kernel modifications quickly," according to MacDonald.

Despite PatchGuard availability for three years in the 64-bit version of Windows XP, nothing happened until the EU put pressure on Microsoft, the analyst said.

He added that if the software giant doesn't announce a timeline for the kernel changes within nine months of Vista's initial shipment, a capability allowing security vendors access to the kernel will likely not be ready for SP1.

It would be premature to speculate on a time frame for service packs, given Vista development is not complete, a Microsoft spokesperson told internetnews.com.

The company said it remains focused on delivering its new operating system in November to volume license customers and in January for general release.