Microsoft accused of withholding Vista APIs

Microsoft accused of withholding Vista APIs

Summary: Update: Security vendors are almost apoplectic, claiming Microsoft is deliberately withholding access to its Vista spyware product, but the software giant denies the charge

TOPICS: Security

Anti-malware company Symantec has accused Microsoft of withholding key information about its upcoming Vista operating system, in an attempt to gain an unfair advantage in the security market.

Symantec claimed this week that Microsoft is refusing to hand over the application programmable interfaces (APIs) for Windows Defender, its spyware product which will be included in Vista.

Without the APIs, Symantec claims that it isn't able to ensure that its own security products are compatible with Vista.

Microsoft, though, insisted on Wednesday afternoon that the APIs are now available.

"Microsoft is affirmatively introducing bottlenecks to funnel customers to their products," said John Brigden, Symantec senior vice president for Europe. "It's all about control and dominance. They are deliberately delaying giving us the APIs," Brigden told ZDNet UK.

The antivirus company claimed on Tuesday that no security vendors had yet received APIs. The timing of this is crucial for Symantec, as it is due to ship a Vista-compatible Norton antivirus product to PC makers in October.

"No-one has received any information about Defender, and we're coming up to an OEM [original equipment manufacturers] shipment date in October. It's three weeks away," said Brigden.

Symantec has partnerships with equipment manufacturers Dell, Fujitsu, HP, IBM, Sony and Toshiba, among others. The antivirus vendor is worried that Microsoft will hand over the APIs so late that Symantec won't be able to make its antivirus software compatible with Vista in time.

"Microsoft will provide information about two days before the October shipment date, and say "We've given you the APIs". Now we're good, but we're not good enough [to integrate Norton with Defender] in that time," said a Symantec spokesperson.

Symantec hopes the APIs will be supplied before that, and would not comment on the damage to its OEM relationships should it not have enough time to integrate Norton into Vista.

Security vendor McAfee is also angry that Microsoft has not provided APIs for Defender. Sources close to the company confimed that Microsoft has not provided the APIs, and that senior McAfee executives "really have a bee in their bonnets" about the situation.

McAfee is concerned that there will be compatibility problems between its security systems and Vista, and that customers will not be able to remove Defender from their systems, ZDNet UK understands.

Microsoft responded to Symantec's concerns on Wednesday, and claimed that it made the APIs for Defender available earlier this week.

"As a result of our ongoing dialogue with partners and our customers, Microsoft decided in August this year to add the ability for any security software company to programmatically disable Windows Defender access through an API," said a Microsoft spokesman.

"Availability of the Defender APIs was announced to security partners on Friday 22 September, 2006 and, we understand, Symantec requested and received the go ahead to develop on that API on Monday 25 September," Microsoft added.

Symantec, though, insists that the APIs still aren't available.

Both Symantec and McAfee also claim not to have been given access to the PatchGuard kernel, a protective feature that vendors claim excludes them but lets in hackers.

Topic: Security

Tom Espiner

About Tom Espiner

Tom is a technology reporter for He covers the security beat, writing about everything from hacking and cybercrime to threats and mitigation. He also focuses on open source and emerging technologies, all the while trying to cut through greenwash.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • History repeating itself?
  • Shrug. I will upgrade to Vista the day it is requirement to get a job/project. Hopefully that means never.
  • This is just ridiculous! When has M$ ever attempted
    to be the dominant player in any market? Haven't
    they always shared with competing vendors? Security companies have gone too far this time. I'm sure vista will be compatible with all other security
    products. : (
  • Oh give me a break.... last time someone nagged about the Quick Launch API being missing, it was there the whole time along with the documentation.

    And last time Netscape claimed Win95 was deliberately made to crash it, it turned out that Quicktime neglected to follow Netscape's plugin API guidelines.
  • Besides... the Vista API isn't even finalized yet. It's ridiculous to set your release before your platform's and then complain to the maker of the platform.
  • Sure, as if the Vista APIs will ever be finalized. So withholding them makes perfect sense. For those whishing to gain unfair advantage. Equal oppurtunity? Dream on. There's one line that needs to be scratched from Microsoft's PR press releases.
  • Hey, it's not evil. In fact it's what cusomers really want: OS coming with full security suite. Nothing else needed to install and configure afer installing Windows.
    It's good, however enlarging the monopoly...
  • MS Win95 killed Borland, Watcom etc the same way.
    MS is circling their wagons again so all beware!