But PatchGuard is still in place

Dec 20, 2006 14:02 GMT

Microsoft has taken the first step in the process of opening up the kernel of the 64-bit editions of Windows Vista to third-party security developers. More than 25 security vendors, with Symantec and McAfee being the most prominent names, accounting for a total of 45% of the market, have been negotiating with Microsoft over access to the kernel of 64-bit editions of Windows Vista.

In response, Microsoft this week released the first draft of the Windows Vista Application Programming Interfaces (APIs), delivering limited access to the operating system's core. "We are publishing this to be very clear and above board on what our processes are for establishing the new APIs that we are going to add to the kernel," revealed Ben Fathi, vice president of development for the Windows Core Operating System. "We want to hear feedback from partners and the rest of the industry on whether this is a good set of criteria or not."

The draft application programming interfaces will be available to third-party security developers by the end of January 2007, and Microsoft is looking to receive feedback and comments following the testing process. The final version of the APIs will become available together with Windows Vista Service Pack 1. Microsoft has not yet revealed an official date for the release of Vista SP1 but has pointed to the summer of the coming year as an approximate period.

The fact that Microsoft is laboring to produce the Windows Vista Application Programming Interfaces means that PatchGuard, the kernel patch protection in 64-bit Vista, stays right in place. Along with the APIs comes a Criteria Evaluation document detailing Microsoft's analysis of the security vendors' approach to the Application Programming Interfaces.

"What we have always said is we don't want third parties modifying the kernel itself to achieve some functionality because it is not supportable," Fathi added. "So our definition of access to the kernel is access through documented supported APIs."