Microsoft Opening up Vista Kernel to Security Vendors

October 15, 2006 0

Microsoft has altered its plans to keep a lock on the kernel of its upcoming Vista OS amid criticism that the move would prohibit security software vendors from developing compatible third-party products.

Apparently in response to pressure from the European Union, Microsoft has reversed its decision to lock up Vista from third-party security vendor access and now says it will make key components available to software firms such as Symantec and McAfee.

Symantec and McAfee cried foul when they learned that the software giant was planning to block security software vendors’ access to Vista’s kernel, which developers need in order to build effective, compatible products.

Several computer security companies are bolstering their efforts to remain viable players with enterprise computer users and consumers alike as Microsoft loosens control over security access in its next-generation operating system, Vista.

The move would have potentially cost antivirus software makers millions of dollars in lost sales and could have essentially given Microsoft a security monopoly with Vista.

Even so, Symantec remained skeptical. "Microsoft has the interface to turn off the Security Center," said Paden. "They have sat on it. Why have not they provided that already? That makes us wonder do they, or do they not, have APIs for PatchGuard?"

In a recent development, McAfee announced a security risk management strategy for its customers using current and future versions of Windows operating systems. This strategy is designed to provide enterprises with additional options in minimizing risks from security threats and noncompliance issues.

In a related development, anti-spyware software developer Webroot Software and security firm Sophos recently announced a technology partnership through which Webroot will license Sophos’ antivirus technology for use in select Webroot consumer and enterprise products.

Also, software security company Symantec outlined its vision for protecting its customers from the next generation of threats targeting their business and personal information. The concept Symantec calls "Security 2.0" brings together an ecosystem of products, services and partnerships to provide its customers with more third-party security tools.

EU Concerns Emerge
The announcements from these security firms come in the midst of a heated debate over computer security that pitted Microsoft against third-party security vendors worldwide. Microsoft claims that its PatchGuard security system in Vista will secure its operating system and lock down its kernel without the need for other security applications.

Now, however, seemingly concerned over antitrust allegations, Microsoft is backing off from its stance. The company has agreed to allow third-party security vendors to access some of Vista’s core components.

Industry Unrest
The outcry from antivirus (AV) vendors was apparently not Microsoft’s only incentive for changing its course. European Commission concerns also drove the software giant’s decision.

Microsoft made the two moves, after the EU’s Competition Commission — which is lead by Dutchwoman Neelie Kroes — "advised Microsoft that it should make additional changes in three remaining areas of the product," said a Microsoft spokesperson. "The company agreed to make each of these changes."

"We recognize that the European Commission does not give ‘green lights’ for new products, and we have not asked for one. We appreciate the constructive dialogue we have had with the commission and the guidance the commission has provided," said Microsoft General Counsel Brad Smith.

"Based on this guidance, we have made changes to ensure that we are in compliance with our competition law obligations, and we are moving forward to make Windows Vista available on a worldwide basis," Smith continued.

However, the company announced that it will allow McAfee and Symantec to access some core components of the new operating system.

Other software vendors have downplayed the severity of Microsoft’s Vista security policies, noting that there are always security holes and that any system can, at some point, be compromised. Thus, consumers will always need third-party help to protect themselves from security risks.

McAfee’s Plan
McAfee said that its new security solution for the enterprise is not a new product. Rather, its security risk management line is an integration of its existing products with added strengths from recent acquisitions and new compliance management capabilities, including remediation and network access control.

"With the acquisition and integration of Preventsys and SiteAdvisor technology, McAfee is among the first to integrate threat prevention with compliance management," Michelle Cobb, group product marketing manager for McAfee, said. This provides enterprises with greater automation, operational efficiency and protection of their investments, she added.

Symantec’s Contribution
In a flurry of activity, Symantec announced the release of several products designed to beef up computer security by protecting enterprise and e-commerce activities.

Symantec Mail Security integrates anti-spam, antivirus and extensive content filtering technologies designed to stop inbound and outbound e-mail threats. Symantec Database Security uses intelligent profiling to provide fraud detection based on what is considered "normal" interaction with the database. It immediately alerts the organization of malicious or abnormal activity that falls outside the "normal" profile.

Norton Confidential Online Edition helps banks and other organizations strengthen the security that links them to their customers and increases customer confidence in online transactions.

McAfee officials said increasingly strict compliance and regulatory requirements, coupled with changing threat environments, have forced enterprises to rethink how they approach and manage security.

"From conversations with our customers, it is clear that enterprises spend an enormous amount of time and money to manage security risks and to demonstrate compliance," said Chris Kenworthy, senior vice president of marketing, McAfee. He noted that security is more than just a version number and also involves a comprehensive approach to threat prevention and compliance.

Redmond Reacts
However, a Microsoft official said that third-party security vendors will have to develop new tools to work with Vista.

"Kernel Patch Protection is an opportunity for security companies to evolve and deliver new innovative security solutions and design approaches for customers that build on top of a more secure kernel environment on 64-bit systems provided by Microsoft," wrote Stephen Toulouse, senior product manager for Microsoft’s security technology unit, in an e-mail message.

The solutions that our partners provided yesterday need to evolve to address the threats of today and tomorrow, and go beyond the baseline protection that Microsoft is providing to its customers through technologies like Kernel Patch Protection, he added.

According to Toulouse, in order to deliver a more reliable and secure operating system kernel, Microsoft will provide documented, supported methods for industry partners and Microsoft product teams alike to implement new innovative functionality in defined and supported ways.

McAfee’s was perhaps the boldest voice against Microsoft’s planned AV vendor lockout. The company accused Microsoft of compromising security in Vista by disallowing third-party software.

McAfee representatives could not immediately be reached for comment on the turn of events.