Must read: Windows Phone outselling iOS, ultrabooks on the rise: Estonia does hardware differently

Topic: Security

McAfee and Microsoft tangle over Vista security

Summary: The debate surrounding Windows Security Center and PatchGuard has turned vicious, with McAfee and Microsoft both claiming that the other is motivated by commercial factors rather than security concerns

Tom Espiner

By |

McAfee launched its first salvo in the increasingly bitter battle between Microsoft and the security industry on Monday, taking out a full-page advert in the Financial Times.

The advertisement, entitled "Microsoft increasing security risk with Vista", claimed that the company's aim was to see "a world in which one giant company not only controls the systems that drive most computers around the world but also the security that protects those computers... when it fails, it fails for 97 percent of the world's desktops".

In the advert, McAfee said that it had not been granted access to central portions of Vista, the next version of the Windows operating system, specifically to the kernel of the 64-bit version of Vista.

Mike Dalton, European president of McAfee, told ZDNet UK that this lack of access would "stop McAfee solutions working" on the 64-bit version of Vista, while leaving the door open for hackers to get past PatchGuard, the part of the operating system designed to prevent malicious attacks.

"If we can't see what's going on in the kernel, we can't see if there's an issue caused by malware," said Dalton. "The decision to build a wall around the kernel with the assumption it can't be breached is ridiculous. We know there are hacker documents out there on how to circumvent PatchGuard, and Microsoft has not had a good history of writing secure code."

In response, Microsoft claimed that PatchGuard, or Kernel Patch Protection, was "a critical step to making the kernel more secure".

"Kernel Patch Protection is not new to Vista; the technology has been shipping for more than three years and is currently available on XP 2003 and for Vista 64-bit shortly. McAfee's security solutions work on 64-bit systems. Customers can and will be protected by their solutions on 64-bit systems," a Microsoft spokesman said, adding that allowing third-party security vendors access to the kernel would cause "security, stability and integrity issues".

Dalton claimed Microsoft was trying to lock security vendors out of Vista so it could sell users its own security products such as OneCare.

"This is clearly an area where Microsoft is taking advantage of its position as vendor of 97 percent of the world's operating systems," said Dalton.

"Is Microsoft [locking vendors out] because the market will see other vendors are doing a better job at security? We may show them up as not having the greatest security product. I would say they're very worried [about that]," said Dalton. "You don't learn the technologies we've learnt overnight, and Microsoft's security attempts so far have been fraught with problems."

McAfee also claimed that Microsoft's refusal to allow its security console, Windows Security Center, to be turned off by vendors was a further attempt to sell more Microsoft products unfairly. "Windows Security Center is always on, always running in the background, saying 'Hey, come and look at Microsoft products'. I find it alarming," said Dalton.

Windows Security Center, introduced with Windows XP Service Pack 2, pops up on desktops to alert PC owners...

Topic: Security

About

Tom is a technology reporter for ZDNet.com. He covers the security beat, writing about everything from hacking and cybercrime to threats and mitigation. He also focuses on open source and emerging technologies, all the while trying to cut through greenwash.

Google+ Contact

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

3 comments
Log in or register to join the discussion
  • Microsoft should not disclose any info to anybody about how to get into the kernel.
    At the same time they sould stick to develop OS and leave everything else to others, but being the greedy corporation that they are, they want a finger in the pie which they helped to create with their sloppy code writing.
    The security crowd should go about their business which is to find the holes in, and solutions for the OS and applications, after all that is what hackers do without going to Bill and ask him how to do it.
    Security firms should not be too concerned about the OS steel wall around the kernel. As per MS's long track record, it won't be solid, but more like a sieve as they always have being doing.
    MS and the security industry are both crying wolf.
    anonymous
    Reply Vote
  • "Microsoft has not had a good history of writing secure code." In the past, the only thing M$ was interested in was getting a new product on the shelves, ready or not. And 100% of the time it was shipped too early. Stability and security took a back seat to beating a deadline. VISTA is already late, so they have had plenty of time to make it stable and secure, but like Dalton, I have to assume it will not be secure given their previous record. By locking the kernel they are preventing third parties writing secure software. It will come back to bite them.
    anonymous
    Reply Vote
  • When others issue patches for M$ products before them it realy inspires confidence in M$.

    Ok the others see their companies going down the tubes if wee Billy freezes them out. Would you be happy if your jacket was on an extremely loose nail ?

    I have yet to be convinced that M$ are the knight in shining armour and with their security record so far will take a lot of convincing.

    Conclusivly prove that security is completely buttoned down and is un-hackable then I might support M$ but until then I am looking for better security than what I have been receiving from them.
    anonymous
    Reply Vote
CNET Join | Log In | Privacy | Cookies Close