GCN Tech Blog

By GCN Staff

Blog archive

Microsoft opens 64-bit Vista to security vendors

Last week, we wrote about how Symantec and McAfee protested Microsoft's decision to block third parties from adding their own extensions to the 64-bit version of Windows Vista, an operating system due to be released later this year.

Well, this week, in an almost uncharacteristically speedy fashion, Microsoft has answered their concerns. Evidently, it helps to talk to the right people in the European Union.

The concerns surrounded the use of PatchGuard, a function that blocked modifications to the OS kernel. In theory, PatchGuard should prevent rootkits from surreptitiously modifying the kernel, though it also effectively blocks any legitimate modifications as well. (and some question PatchGuard's ability to block even malicious attacks as well.)

'[T]he security industry is very concerned that the decisions being made with 64-bit Windows will, in turn, result in a less secure platform. They will directly impact the development of new security technologies, and Microsoft [itself] will lose out, due to an insecure platform,' wrote Symantec's Oliver Friedrichs in a blog. Friedrichs explains the case in pretty good technical detail.

Initially, Microsoft's response to the security companies was basically to urge the companies try harder. 'Kernel Patch Protection is an opportunity for security companies to evolve and deliver new innovative security solutions and design approaches for customers that build on top of a more secure kernel environment,' one Microsoft official e-mailed us a few week back on the matter.

After the complaints had seemingly reached the level of the European Commission though'with whom Microsoft is hashing out various antitrust issues pertaining to Vista'the Redmond, Wash. giant decided to heed to the wisdom of the security vendors.

In a statement addressing a number of the EU concerns, Brad Smith, a senior vice president and general counsel for Microsoft, announced that the company has decided to add an application programming interface to PatchGuard. This API, Smith asserted, will allow third-party security vendors to enhance the OS with their own security measures.

'We devised a new engineering approach that will create and extend new kernel level APIs so that PatchGuard will be retained, the security of the kernel will be protected, and yet security vendors will have an opportunity to meet their needs through these kernel level API extensions,' he said.

Good news for the security vendors? Word is still out on if this move will be sufficient for them to offer adequate protections.

'It is encouraging that they committed to opening PatchGuard, the operative question is well, when,' said Symantec spokesman Cris Paden. Microsoft now needs to quickly establish a timeline specifying when the APIs will be made available, he said. Microsoft has not yet reached out to Symantec with any additional information, Paden added, leaving the company, and others, with scant time to ready new products for the OS. 'We needed that technical information yesterday,' he said.


--Posted by Joab Jackson

Posted by Joab Jackson on Oct 16, 2006 at 9:39 AM


Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.