Security vendors slam Microsoft secrecy

IT security vendors have criticised Microsoft for refusing them access to the central code of its new Vista operating system.

  • E-Mail
By  Daniel Stanton Published  October 5, 2006

IT security vendors have criticised Microsoft for refusing them access to the central code of its new Vista operating system. McAfee took out a full-page advertisement in the Financial Times this week to urge Microsoft to give them access to Vista’s kernel, in order to more easily develop software to counter its vulnerabilities, and Symantec has also made public its opposition to the move. A spokesperson for Symantec told ACN: “By putting the core of the Vista operating system into a ‘lock box’, and not allowing the software of security vendors to access the core, Microsoft is tying the hands of customers from using the widest variety of security solutions to secure their computers and networks. “For example, new technologies such as behaviour blocking must have access to the core to ensure the operating system is protected from the inside out. Tamper-prevention technology, which combats retro-active viruses, also must have access to the core in order for the solution to be completely effective.” The spokesperson added: “PatchGuard has already been hacked into. It is already vulnerable. It will be accessed. By blocking out the software from the ‘good guys’ to go after a hacker who has accessed the core of the operating system, Microsoft has actually created a less secure operating system by seeing to it that they and security vendors would be helpless to protect such an attack.” Symantec said that any security measures would now have to be reactive, rather than proactive, describing Microsoft’s approach as “an old, outdated mode of security, geared for threats from three or four years ago”. Patrick Hayati, regional director for the Middle East, McAfee, said: “We had full access and we were able to work with them [Microsoft] closely. Now they’ve stopped cooperating which obviously is not a good position to have. “Everyone knows that many of the more serious threats today are because of inherent weaknesses in the operating system. We really need to be able to protect the Microsoft users. “Everyone knows that most of the flaws are because of Microsoft. Obviously customers know that and they will look beyond Microsoft. We need to work with Microsoft to help their and our customers stay secure. “There are other methods to come up with the required security, but it would be a lot easier and a lot more straightforward if we all worked together to make it happen.” Microsoft said in a statement: “Partners are at the core of Microsoft’s business model. We have worked closely with our security partners throughout the development of Windows Vista, and continue to do so.”

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code