|
Vista Security Spat Escalates as Microsoft Ships Defender
Published: October 25, 2006
by Alex Woodie
Microsoft on Monday released Windows Defender, a free anti-spyware program that has been in development for more than two years, in its final form. The move highlights Microsoft's strengthening efforts to control the security tools business, and coincides with an escalation of the battle between Microsoft and the developers of security software that customers rely on to protect themselves from vulnerabilities in Microsoft's products over who will protect users of Windows Vista.
Up to this point, Symantec and McAfee--the two biggest vendors in the multibillion-dollar Windows security tool aftermarket--have been the most vocal about the changes Microsoft is making to Windows security with the upcoming release of Vista.
Those complaints have revolved around two main elements, including the new kernel protection feature for 64-bit versions of Windows Vista called PatchGuard (sometimes referred to as Kernel Patch Protection or Host Intrusion Prevention [HIPS]) and who controls the security-related screens with all versions of Vista: Microsoft and its Security Center, or the third-party vendors and their products.
Microsoft made several concessions on these issues, including a commitment to make certain APIs available to provide the third-party security tool makers with the necessary functionality, which we reported to you last week. But those moves are too little, too late, according to the vendors.
"We've been talking to them for over two years on this issue," Rowan Trollope, Symantec's vice president for consumer engineering, was quoted as saying in an Associated Press article published Monday. "And now (with) basically a very short amount of time before the operating system comes out, we're not in a good position to provide that security to our customers."
A similar sentiment was expressed by McAfee. "We're turning blue holding our breath waiting for something to happen," McAfee chief scientist George Heron told the AP. "And frankly so are the users. This is the 11th hour. Now is not the time to crack open the designs."
Now we're now hearing Sophos' take on all this. Sophoes is an English company that sells antivirus, anti-spyware, and intrusion detection software, among other security tools, to customer all over the world.. In a statement published yesterday on its Web site with the title "Symantec and McAfee should have prepared better for Vista", Sophos shamed its larger competitors.
"Symantec and McAfee may be struggling with HIPS [host intrusion prevention] because they haven't coded their solutions with high-spec [64-bit] Vista in mind," says Richard Jacobs, CTO of Sophos. "We've taken a different approach, by focusing on catching bad behaviour [sic] before it has a chance to occur. Additionally, we are building our technology by making use of supported Microsoft interfaces rather than by trying to subvert them. That's why we're ready for 64-bit Vista, and others aren't."
Not surprisingly, Microsoft employees were making the most of Sophos position. In her blog Spyware Sucks, Microsoft engineer Sandi Hardmeier praised Sophos and took McAfee and Symantec to task for being such fussbudgets. "I've got to agree with this; if McAfee and Symantec did a little more coding and a little less bitching, they might get somewhere," the distinguished Internet Explorer developer wrote.
Microsoft security developer Jeff Jones took a slightly similar (but less divisive) stand on the Sophos vs. McAfee and Symantec issue. "Okay, we all recognize this as a marketing move. But, hey, it's a marketing move I can smile about," Jones wrote in his blog, the aptly named Jeff Jones Security Blog.
The spectacle of a security meltdown with Windows Vista isn't doing anything to help popularize 64-bit computing, which has taken huge steps forward recently, thanks to the rapid adoption of X64 processors that can run in either 32-bit or 64-bit mode, and Vista itself, the first release of a desktop version of Windows designed from the start to run in 64-bits.
In fact, the whole PatchGuard issue won't likely be resolved until Windows Vista Service Pack 1 (SP1) is delivered in 2008, according to a new research note from Gartner analyst Neil MacDonald. Microsoft has committed to work with ISVs to develop APIs for PatchGuard, MacDonald writes. "However, these APIs do not yet exist, and the changes will require changes to the 64-bit Windows kernel that will not be complete in time for the initial release of Vista," he says.
The lack of support by vendors like McAfee and Symantec will only exacerbate what's expected to be a slow migration to 64-bit desktop computing among enterprises. "Slow desktop migration to 64-bit Windows and problematic driver availability mean that this limitation will affect very few enterprises before it is initially addressed in SP1," MacDonald writes. "But, if Microsoft is slow to deliver these capabilities or fails to meaningfully collaborate, it risks further antitrust concerns."
Amid all this hullabaloo, Microsoft managed to ship Windows Defender, the first official release of the anti-spyware product since Microsoft acquired GIANT Company in late 2004 and started a beta program. Windows Defender is a free product that will compete with the likes of Lavasoft 's Ad-aware and the Spybot - Search & Destroy from Safer Networking--two pieces of freeware that have been "de rigueur" members of Windows users' desktops since the spyware epidemic started taking off near the end of the last millennium.
Microsoft has made several enhancements to Defender since the last beta release, including: the addition of a higher-performance scanning engine; a simplified user interface and alerts; better control over other programs; multiple language support; support for users with non administrator-level system privileges; support for assistive disabled people; new scheduling features; and support for Windows XP Professional x64 Edition.
For more information on Windows Defender or to download it, visit www.microsoft.com/athome/security/spyware/software/about/overview.mspx.
RELATED STORIES
Microsoft Abides by EC Requests on Vista
Will the EC Mandate "Windows Vista, Security-Less" Edition?
Microsoft Unveils New Security Tools and Security Vendor Consortium
|
