Microsoft has released a first draft of programming interfaces meant to help security firms create products that work with kernel protection features in Windows Vista. The new application programming interfaces, or APIs, will let software makers extend the functionality of the Windows kernel in 64-bit versions of Vista, Microsoft said on its website on Tuesday. Security companies, including market leaders Symantec and McAfee, had complained that Microsoft locked them out of the kernel.
To read all comments associated with this story, please click here.
Member since:2005-07-06
Has nothing to do with obscurity. Microsoft has technology in Windows Server 2003 which prevents the kernel being tampered with. Its called patch guard and microsoft has an improved version in Vista.
As with rootkits anti-virus software could previously do anything they liked in the kernel. Microsoft refused to cave in to the certain antivirus companies after the EU meetings. They agreed to provide them with API's to do whatever they needed done in the kernel.
What Microsoft - actually Allchin - was basically saying is, "You can have access to the kernel in a controlled manner via an API, but you don't get carte blanche access to do anything in the kernel". These are special API's created for the AV companies.
So AV companies despite knowing what patch guard is and what was coming waited until the last moment to run of crying to the EU.
Member since:
2006-04-28
The idea that MS could secure window by just not telling anyone the APIs for certain aspects of the kernel seems silly, surely it's better that it's out in the open than wait a few months until someone has dug up exploits and the antivirus vendors are miles behind them thanks to microsoft's security through obscurity...