GCN Tech Blog

By GCN Staff

Blog archive

A cheap trick from the security vendors?

If you've been following the tech news of late, you can't help noticing that two of the latest desktop computer security providers'Symantec Corp., of Cupertino Calif., and McAfee Inc., Santa Clara, Calif.'have been up in arms over upcoming release of Windows Vista.

But this duo of virus-fighters have been deceptive about at least one aspect of Windows Vista. Even egregiously so, one could argue.

The gist of their complaints, or one of the main ones, is that Microsoft has prevented third parties from patching, or adding extensions, to the Vista kernel, through a function called PatchGuard. Antiviral companies have long added extensions to Microsoft Windows to fight root kits and such. And now they can no longer do so, thanks to PatchGuard.

The most recent complaint along these lines has been lodged by McAfee chief scientist George Heron, who authored an editorial on the subject posted by CNet earlier today. The company also ran an ad on the subject in the Financial Times.

In his editorial, Heron explains the issue pretty thoroughly, except for one seemingly insignificant detail'the fact that PatchGuard is only being implemented in the 64-bit versions of Windows Vista.

That's right. PatchGuard is only on the 64-bit version of Windows Vista.

So hands up. Who actually uses the 64-bit version of Windows on the desktop? Who plans to? At best, it is a tiny fraction of the overall number of computers that run Microsoft Windows.

So isn't it just a wee bit disingenuous to be trumpeting PatchGuard as a major Vista vulnerability when only the 64-bit version of Vista actually uses PatchGuard?

Likewise, take a gander at the Web site Symantec set up to explain the PatchGuard problem. Once again, the phrase '64-bit' does not appear even once, even though the Symantec technical report prompting this page is quite clear that its findings apply only to 64-bit Vista. An unsuspecting reader may conclude that all of Vista would be hosed by such kernel protections

A Symantec press spokesman we were talking to recently assured us that Symantec is being forthright about the matter, that not mentioning the 64-bit scope of the problem is not misleading. Maybe few use the 64-bit desktop computers now, he argued, but eventually more users will migrate towards 64-bit computer.

Perhaps so. (Though 64-bit computing has been around for more than a decade, yet its use on the desktop remains negligible. What desktop app will need the massive memories delivered by 64-bits?) But even if demand for 64-bits were to spike one day soon, not mentioning the speculative scope of their concerns just belittles the other'and perhaps more pressing'problems that these security companies may find with Vista.

--Posted by Joab Jackson

Posted by Brad Grimes, Joab Jackson on Oct 09, 2006 at 9:39 AM


  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.