Third-party security firms may get the deep access to the core system software in Microsoft's Windows Vista for which they have been asking.
On Friday, the software giant announced that its forthcoming Windows Vista operating system will expose some kernel security functions for use by independent software vendors (ISVs) through documented programming interfaces that will be developed with third parties.
The agreement to allow other companies to use kernel security functions comes after some third parties have criticized Microsoft for its hard line on kernel patch protection, also known as Patchguard, which will ship with the Vista operating system. The software technology, which will only be included on systems with 64-bit processors, aims to prevent anyone--either malicious attackers or well-meaning security firms--from changing how the core of the Vista operating system processes data.
"Were totally committed to working with ISVs, and have been working with them for years now, to provide new documented and supported interfaces in 64-bit versions of Windows that will allow them to leverage the kernel on x64-bit systems--thus, enabling a comparable level of functionality to what they have today on x32-bit systems without direct access to the kernel," Stephen Toulouse, security program manager for Microsoft, stated in a blog posting. "The right thing to do here is implement the functionality in safer, documented ways, instead of using unsupported methods."
The concession, and several others including quashing security alerts when a third-party security center is installed, were made by Microsoft to attempt to make it less likely that the European Union and Korea will impose restrictions on the company's next operating system, which it still plans to ship to consumers in January. While the announcement answered concerns from the EU and Korea, the software giant said it would make the changes to its software available worldwide.
Security firms McAfee and Symantec, which owns SecurityFocus, both took exception with being prevented from modifying the kernel. The companies are waiting to see details of the planned kernel security interface before judging the move.
Posted by: Robert Lemos