14 DAY TRIAL // The release of the draft application programming interfaces addressing the Kernel Patch Technology in 64-bit Windows Vista has failed to make the security community jump with joy, although the APIs are designed to circumvent PatchGuard and to deliver third-party developers access to Vista's core.
"Back in September, several of our security partners expressed concern over certain key technologies in Windows Vista such as Windows Security Center and Windows PatchGuard, a technology designed to protect the Windows kernel from advanced attacks such as rootkits. We were quick to respond to these concerns by providing our partners the needed APIs to enable their applications to affect the Security Center on Windows Vista PCs, thus giving them the option to pre-empt the appearance of multiple security pop-ups, which could have been confusing to some users," stated Nick White, Microsoft Product Manager.
While Symantec and McAfee were situated at the helm of the security community segment to criticize the Kernel Patch Protection, they were also among the first to release security solutions for Windows Vista and to receive the Vista APIs that will make their products functional in the context of PatchGuard.
Symantec has failed as far to comment on the release of the Windows Vista APIs. The Cupertino security company only revealed that they had received the APIs and begun analyzing them. As you may have guessed, Symantec is the neutral feedback source. And I say this based on the manner they handled the Windows Client/Server Runtime Server Subsystem (CSRSS) processes zero-day vulnerability. Under the title "Vista Vulnerable", Symantec only presented limited details of the facts and nothing more, and especially no criticism.
In this context, the positive feedback originated with McAfee. "Microsoft included some of the recommendations we had submitted, and it appears they did a good job on those," said George Heron, chief scientist McAfee. "Overall, McAfee is quite pleased with the path that Microsoft is taking."
"Part of the impetus for this development was a push to be more open with our partners and to ensure that a dialog occurred. Our Senior Program Manager Stephen Toulouse from the Security Technology Unit explained that MS and our partners were ultimately able to find common ground on concerns over PatchGuard once the technology's benefits were better understood. As I've said before, we take feedback from our partners and customers seriously -- they came to us with concerns, we addressed them, and progress is being made that benefits both sides," concluded White.