Kernel Patch Protection on 32-bit Windows systems?

Nov 2, 2006 10:22 GMT

Jim Allchin's clarification of Windows Vista's security is, in effect, a defense of the Kernel Patch Protection technology, also known as PatchGuard, in 64-bit Vista. Microsoft's Co-President of the Platforms & Services Division emphasized the modifications introduced to Windows Vista in order to put antitrust concerns to rest. "We've taken a number of steps in response to guidance from government competition authorities and input from industry vendors, while still maintaining the security protections that are so critical to Windows Vista," stated Allchin.

The changes to the Windows Security Center dashboard fall under this category: the dashboard was made vendor-neutral so that it can support and display the status of third-party security solutions. Starting with Vista Release Candidate 1, Microsoft also introduced an application programming interface that allows a third-party product to switch off Windows Defender, the anti-malware component built into Vista. Another API, delivered to security developers on October 16, 2006, allows Windows Security Center alerts to be replaced by the third-party product's own.

"We have committed to work with security vendors to identify and develop new supported and documented APIs for monitoring certain kernel activity on 64-bit Windows Vista without bypassing Kernel Patch Protection, and these discussions are underway between our engineering teams and our third-party security partners," said Allchin.

Emphasizing that Kernel Patch Protection has nothing to do with the process of patching software (it blocks unauthorized modification of the running kernel, not the installation of updates), Allchin defended PatchGuard as a line of defense against rootkits. As with the 64-bit versions of Windows XP and Windows Server 2003, Microsoft will ship PatchGuard only in the 64-bit editions of Vista. Allchin revealed that Microsoft has explored implementing PatchGuard on 32-bit Windows, but stated that the 32-bit architecture and compatibility problems with existing software ruled it out.

"It is important to remember that Microsoft (for years) has actively discouraged third-party applications developers from designing software that modifies the Windows kernel, because such software has been known to cause instability issues and lower the reliability of Windows. Rather than allow kernel modifications that could cause reliability and security problems for you, Microsoft has worked for many years with third-party developers, such as security software developers, to encourage the use of Microsoft-supported extensions that enable them to build more effective and reliable products," added Allchin.

Microsoft also stated that it will make no exceptions that would allow security developers to patch the Vista kernel, although the company had been approached with such proposals.

"In the case of security solutions, unsupported kernel modifications also limit your choices, by making it extremely difficult or impossible for multiple security solutions to co-exist reliably on a system. We want to work with security providers to make common extensions available, so that any security vendors can use them, and so that security software does not itself put your security and reliability at risk from malicious kernel modifications," concluded Allchin.