Security vendors holding off on 64-bit Windows

Companies looking to become early adopters of Microsoft's Windows x64 Edition operating systems have one more reason to postpone the decision: They may find that their favorite antivirus software no longer works on their new desktops.

Though Microsoft maintains that most software written for older, 32-bit versions of Windows is compatible with the 64-bit version of the operating system, released last April, changes to the core, kernel component of Windows means that certain types of software need to be rewritten for the company's 64-bit versions of Windows.

"Every time that we do a major shift in the kernel… any software that runs in kernel mode needs to be rewritten," said Brian Marr, senior product manager in Microsoft's Windows Client group.

With the x64 Editions of Windows, that means that device drivers and antivirus software, in particular, will need to be rewritten. "Beyond that, there aren't too many types of applications that hook into the Windows kernel that deeply," Marr said.

So companies that use products like McAfee Inc.'s Internet Security Suite or Trend Micro Inc.'s PC-cillin Internet Security will have to wait until 2006, when the first x64 Edition products from these companies are expected to ship. Enterprise customers can purchase Symantec Corp.'s AntiVirus Corporate Edition 10.0 product, which supports x64 Windows. Symantec representatives were not able to say whether or not Symantec planned to do a 64-bit version of its antivirus software for small business or home users.

Hoping to capitalize on the gap in antivirus products, San Diego-based Eset LLC on Tuesday released a version of its NOD32 software for 64-bit systems. Eset's software is able to determine whether it's being used in 32-bit or 64-bit mode and both types of systems can be managed by a single piece of management software, called the NOD32 Remote Administrator. "The 64-bit support that we provide is pretty much seamless to the user," said Andi Lee, Eset's chief technology officer.

Lee acknowledges that, to date, there have been very few vulnerabilities yet found for 64-bit versions of Windows, and that the platform may be less appealing to attackers because it has so few users. But he believes that early adopters are going to want antivirus software, and that the lack of options is going to surprise some users. "One of the biggest pains is going to be the fact that a lot of the big players don't have an (antivirus) solution," he said.

Still, that pain will be limited to a fairly small group of desktop users, according to Microsoft's Marr. His company expects that until the release of Windows Vista, which is expected in late 2006, 64-bit computing on Windows computing will be confined to the "ultra high-end user in the business space," he said.

"We do expect 64-bit computing to become more mainstream," he said. "I think that time is probably more in the [Windows Vista] timeframe… that's really the time that I would expect more antivirus vendors to come online."

And while there may be some user pain in the interim, once 64-bit antivirus products hit the mainstream, Microsoft expects that users will see some security-related performance improvements. Encryption, for example, should be noticeably faster, Marr said.

"Sixty-four bit Windows is an entirely new opportunity to bring in an entirely new wave of things," Marr said. "It should be able to scan a system faster than a 32-bit system."