When Windows Vista ships next year, customers might have a tougher time getting their security software to work properly,
executives from Symantec said Wednesday.
At issue are two new features being introduced with Vista: an enhanced Windows Security Center as well as a feature in the
64-bit version of Vista called PatchGuard. Microsoft says it is adding these features to lock down the operating system, but
Symantec believes that they will be harmful to customers by making it harder for them to use third-party software.
"There's no question that they're leveraging a monopolistic position to limit customer choice," said Chris Paden a Symantec
spokesman.
While Symantec executives did accuse Microsoft of being more difficult to work with on Vista than with previous operating
system introductions, they stopped short of accusing Microsoft of antitrust violations. "It's not anti-competitive behavior,
because Vista hasn't even hit the market yet, " Paden said.
Security vendors like Symantec are in a state of heightened sensitivity these days as they've begun to compete with Microsoft
head-on, and the specter of further antitrust actions looms over Microsoft's every move in the security space. Last week the
European Union's spokesman on competition, Jonathan Todd, warned that the market could be threatened if Microsoft doesn't allow security vendors a fair chance of competing.
Symantec and other security vendors dislike PatchGuard because it prevents them from accessing the Windows kernel. They say
it will stop them from delivering important features like Symantec's "anti-tampering" technology, which prevents malicious
programs from modifying Symantec's own software.
PatchGuard will also make it more difficult for security vendors to protect against malicious software that takes advantage
of kernel-level bugs, said Eric Sites, vice president of research and development with Sunbelt Software.
"There are a lot of new exploits coming out that exploit kernel-level drivers, " he said. "If we're able to get into the kernel,
we can watch for things like that, but with what Microsoft is doing we can't do that."
Microsoft declined to be interviewed for this article, but in an interview with IDG News last week a Microsoft executive said
that PatchGuard was simply an effort to prevent the kernel from being misused.
"We think that there's a significant amount of confusion around... certain security features in the product that we think
raise the foundation," said Stephen Toulouse a senior product manager in the Security Technology Unit. "What we're doing is
we're walling off the kernel from attackers, because the functionality that is currently there was never meant to be used
by anybody -- by software vendors or attackers."
But PatchGuard is enabled only in the 64-bit version of Windows. Because there are few 64-bit applications written for Vista,
most of Vista's initial users are expected to run the operating system in 32-bit mode, and their security software will still
be able to access the kernel.
A more immediate issue for Symantec is many Vista users will find that both the Windows Security Center and Symantec warnings
will pop up simultaneously.
This doesn't happen with Windows XP because Symantec's software is able to automatically disable the Windows warnings, but
with Vista users will have to turn off the Security Center themselves.
This will make things unnecessarily complicated for many customers, said Rowan Trollope, Symantec's vice president of consumer
engineering. "Most users can't figure out how to do that," he said.
With two warnings popping up, each with different wording, users will be confused at best, and may simply begin ignoring security
warnings altogether, said Sites.
Some observers have speculated that Symantec may press the EU for action against Microsoft in this matter, but Trollope and
Paden wouldn't say what Symantec planned to do to address these problems. "We're looking at all the possibilities now," said
Trollope, "And none of them are good for customers."
E-mail
Printer Friendly
Reprints
(InfoWorld) - In the litigious world we live in, deploying a unified communications platform in your enterprise could...
