Symantec has accused Microsoft of withholding key information about its
upcoming Vista operating system in an attempt to gain an advantage in the
The security specialist said this week that Microsoft is refusing to hand
over the application programmable interfaces (APIs) for Windows Defender, the
spyware product that will be included in Windows
Vista. Without the APIs, Symantec contends that it is not able to ensure that
its own security products are compatible with the update.
"Microsoft is affirmatively introducing bottlenecks to funnel customers to
their products," said John Brigden, Symantec senior vice president for Europe.
"It's all about control and dominance. They are deliberately delaying giving us
Microsoft responded to Symantec's concerns on Wednesday, and said that it had
made the APIs for Defender available earlier this week.
"As a result of our ongoing dialogue with partners and our customers,
Microsoft decided in August this year to add the ability for any security
software company to programmatically disable Windows Defender access through an
API," a Microsoft representative said.
"Availability of the Defender APIs was announced to security partners on
Friday, Sept. 22, 2006, and we understand Symantec requested and received the
go-ahead to develop on that API on Monday, Sept. 25," Microsoft said.
Microsoft added the functionality to disable Windows Defender in Release
Candidate 1 of Vista, or RC1, which came out early this month. There may
have been some confusion in the industry because the accompanying information
for developers, called a software development kit, or SDK, did not provide
details on the functionality, the company said.
"Two weeks after releasing RC 1, we provided the follow-up documentation,
which was released out-of-band, normally we release it with major milestones,"
said Adrien Robinson, business development manager at Microsoft. "The confusion,
I think, that people are having is that the functionality is not in the RC 1
SDK, and the reason for that is that we added it just before RC1."
Symantec, though, insists that the APIs still aren't available.
The timing of the release of APIs is crucial for Symantec, as it is due to
ship a Vista-compatible Norton antivirus product to PC makers in October.
"No-one has received any information about Defender, and we're coming up to
an OEM (original equipment manufacturers) shipment date in October. It's three
weeks away," Brigden said.
Symantec has partnerships with equipment manufacturers Dell, Fujitsu,
Hewlett-Packard, IBM, Sony and Toshiba, among others. The antivirus vendor is
worried that Microsoft will hand over the APIs so late that Symantec will not be
able to make its antivirus software compatible with Vista in time.
"Microsoft will provide information about two days before the October
shipment date, and say 'We've given you the APIs.' Now, we're good, but we're
not good enough (to integrate Norton with Defender) in that time," a Symantec
Symantec hopes the APIs will be supplied before that. It would not comment on
the potential damage to its relationships with PC partners, should it not have
enough time to integrate Norton into Vista.
The entry of Microsoft into the security market has put
incumbents on their guard, given the software giant's US$34 billion cash pile
and a hefty presence on desktops. On top of this, European
Commission regulators and Microsoft are in the middle of a tussle over the
potential antitrust impact of security components in Vista.
Security vendor McAfee is also irked that Microsoft has not provided APIs for
Defender. Sources close to the company confirmed that Microsoft has not provided
the APIs, and that senior McAfee executives "really have a bee in their bonnets"
about the situation.
McAfee is concerned that there will be compatibility problems between its
security systems and Vista, and that customers will not be able to remove
Defender from their systems, CNET News.com sister site ZDNet UK has learned.
Symantec and McAfee are battling Microsoft for the ability to replace
the Windows Security Center with their own security consoles. Additionally,
the security companies also claim the PatchGuard feature in 64-bit editions of
Vista excludes them but lets in hackers. CNET News.com's Joris Evers contributed to this report.