Microsoft agrees to share Vista data
Software giant will give security firms access to kernel of OS
Microsoft has agreed to provide some essential data from its forthcoming Vista operating system (OS) release to software security firms, following its earlier decision to withhold access.
The software giant told Reuters this month that it would give McAfee, Symantec and other security firms access to the kernel of the 64-bit version of Vista, which is due for release in January.
Microsoft used to allow access to security firms, but announced a change in policy ahead of the release of Vista.
The firms had complained that Microsoft was not allowing them access to the kernel, which meant it was harder for them to develop patches for vulnerabilities in the OS.
McAfee took out a full-page advertisement in the UK’s Financial Times newspaper in which it claimed Microsoft has taken an entirely proprietary approach to securing Vista by embedding in the OS its own Window Security Centre — a product which cannot be disabled even when users purchase an alternative solution.
Microsoft has promised the data in order to comply with European Union regulations linked to competition issues.
The codes will allow security software from other vendors to suppress Microsoft’s own security pop-ups.
Steve Ballmer, CEO of Microsoft, told Reuters that the firm would deliver the data to security firms this month during US working hours.
However a spokesperson for McAfee said shortly after Ballmer’s claim that, it had only received a document containing the software development kit (SDK) for Windows Security Centre and had not received any information from Microsoft regarding PatchGuard, a Microsoft technology to protect key parts of Windows.
“Contrary to what it says publicly, Microsoft has not cooperated with the leading security providers. In fact, we have not received anything at all from Microsoft concerning PatchGuard. From McAfee’s perspective, it is not at all acceptable for MS to wait until a service pack and not offer us kernel access until after the launch of Vista.”
“We urge MS to give security vendors this access as quickly as possible and not wait until the 11th hour so that we can offer our ‘customers the best protection,” the spokesperson added.
A spokesperson for Symantec said at the time of the original decision: “By putting the core of the Vista OS into a ‘lock box’, and not allowing the software of security vendors to access the core, Microsoft is tying the hands of customers from using the widest variety of security solutions to secure their computers and networks.”