Symantec and McAfee say that a Microsoft technology called Patch Guard -- which blocks access to the 64-bit Vista kernel -- will make it harder for third-party security vendors to deliver certain features in their products.
In a full-page advertisement in London's Financial Times last week, McAfee charged that Microsoft's decision to "shut-off access" to the kernel amounts to anticompetitive behavior. The two security vendors also accuse Microsoft of other tactics designed to make life harder for independent security vendors at a time when the software giant is expanding its own presence in the security field. In an interview with Computerworld, Stephen Toulouse, senior product manager with Microsoft's security technology unit, explained his company's position.
Excerpts from that interview follow:
Why did Microsoft decide to restrict access to the 64-bit Windows kernel?
The biggest concern has been rootkits that can hide themselves from detection software and antivirus software. When you have a situation where code that is not part of the operating system can run at the same level as the kernel, that is not good because the kernel can't necessarily figure out what is good and what is bad.
In the 32-bit version of the [operating system] there has always been these undocumented and unsupported ways of modifying the kernel while it is running. That introduced stability problems, performance problems and security problems because attackers can use them, as well. These unsupported, undocumented ways of modifying the kernel have never been used by Microsoft and their use by other vendors is frowned on. We don't believe that it is good for the user experience to modify the kernel while it is running. When changes are made to it in unsupported fashion, you introduce instability.
So, what we felt the right thing to do for the 64-bit platform was to prevent the use of these unsupported functions and instead try to implement safer documented ways of implementing the same functionality.
What does Patch Guard do for Windows?
I think it is important first off from our perspective to note that one of the things that customers have been very clear about with Windows and all of our products is that we've got to fundamentally raise the security of those products. That has been very, very clear feedback from our customers. One of the ways we are doing that on our 64-bit platform is this implementation that is known as kernel patch protection or Patch Guard. It is actually not new. We have been shipping operating systems with kernel patch protection for a couple of years now. The feature is also in Windows XP 64 and Windows Server 2003, 64-bit.
The goal around Patch Guard is to help make a more stable, reliable and secure experience for the customer. It prevents the unsupported and undocumented modification of the kernel. If it detects [that the kernel] has been modified or something is attempting to modify it, Patch Guard will automatically shut the system down to prevent an attack.
- +
Strategies for Dealing With IT Complexity 24/12/2007 10:30:47
Every innovation, every business process improvement, comes with an IT complexity tax that must be paid by CIOs in time, money and sweat. Here are strategies to mitigate the increasing complexity of IT as it enables new business.Every innovation, every business process improvement, comes with an IT complexity tax that must be paid by CIOs in time, money and sweat. Here are strategies to mitigate the increasing complexity of IT as it enables new business.
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Zones provide focussed content from Computerworld and leading technology partners.
Discover how SOA can create smarter outcomes for your business.
Attend and learn:
- How SOA is helping leading companies to become more agile
- Where you should be applying SOA processes in your company
- The top SOA implementation mistakes to avoid
Click here for more information.
- +
Computerworld Live Podcast #97: The Future of Enterprise Networking 25/07/2008 09:45:36
This week CW Live chats with Mark Thompson, global sales and marketing manager for HP ProCurve, on the future of the enterprise networking. Mark discusses the trends we can expect to see in the near future and how the right infrastructure can ensure your enterprise network is secure. - +
Computerworld Live Podcast #96: Security at the Edge 11/06/2008 09:22:22
CW Live speaks with Amol Mitra, HP ProCurve Director of Marketing for Asia Pacific and Japan. Today's topic: how enterprises are starting to shift away from simply controlling security via server logins, firewalls and moving to more adaptive security frameworks. - +
Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33
This week we look at sustainability and the development of multicore technologies to build multi-petascale systems. - +
IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55
This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport. - +
IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47
Vendors bow to end user pressure to improve product security, and we take a look at the latest concepts shaping the cyber-battlefield of the future.
Virtual magic: HR specialist throws out 40 servers, adds 8TB SAN and saves $100,000 for disaster recovery 2008-12-01 15:28:00+11
Sybiz adds up for SMEs in downturn 2008-12-01 14:27:00+11
EXCOM scores back-to-back award trifecta 2008-12-01 10:46:00+11
Citect extends SCADA networks with mobility solutions 2008-12-01 09:48:00+11
Citect extends SCADA networks with mobility solutions 2008-12-01 09:48:00+11
Controlling storage costs with Oracle database 11g
Organisations must embrace new ways of storing data that don't involve adding more of the same hardware to accommodate data growth and dealing with duplication as well as uncompressed information. Simple steps such as tiering storage, moving data across these tiers and reducing the amount of data to be managed, can dramatically reduce capital and operating expenses. Read on to learn how to implement these steps in your business.
Buying Guides
Latest Products
