Microsoft Locks out the good guys!


A protective feature in Windows is locking out the good guys, but letting in a lot of bad guys, according to security software makers.

 

Microsoft designed PatchGuard to safeguard core parts of Windows, including Vista, against malicious code attacks. But some security companies say that the feature makes it harder for them to protect Windows PCs, as it locks them out of the kernel, the core of the operating system.

 

Security vendors such as Symantec are complaining that the new safe guard is severely limiting the capabilities of next generation security software. Security vendors are claiming that the new Microsoft PatchGuard does more to block security software than it does to prevent malware on user PCs

 

Symantec is not alone in its complaints, but it is the largest security company to speak out publicly. Sana Security and Agnitum, two smaller vendors, said they share its concerns, but giants Cisco Systems and McAfee declined to comment for this story.

 

Microsoft defends the technology, which applies only to 64-bit versions of Windows. Cybercrooks have found ways to exploit the kernel for malicious purposes, making the protection offered by PatchGuard key to securing the operating system, said Stephen Toulouse, a program manager in Microsoft′s Security Technology Group.

 

Microsoft states that it feels it is more important to stop malware from getting on consumer machines, than it is to allow third-party vendors, no matter what the software, to extend the kernel. Microsoft′s push into the security market has put many defense providers on guard. Symantec, especially, looks wary; it has said it will compete with Microsoft as long as there is a level playing field. Now, for the first time, Symantec is saying that Microsoft is limiting the security choices of consumers--which could be interpreted as anticompetitive behavior.

 

PatchGuard debuted a year ago in Windows XP x64 Edition, but the technology was never broadly adopted. That′s set to change when Windows Vista hits store shelves in January, analysts expect. As people buy PCs with 64-bit processors use of the 64-bit edition of Windows will increase.

 

In particular, PatchGuard inhibits host intrusion prevention products, security vendors and analysts said. These "HIPS" products are an upcoming class of security software that determines whether a program is malicious by looking at its behavior, rather than using the classic signature-based approach, which checks a program against a database of known threats.

 

Security vendors are calling on Microsoft to allow exceptions in the kernel shield for trusted third parties. Microsoft opposes the idea of making exceptions, as it would increase the number of entry points that miscreants could take advantage of.

Source cnet news: http://news.com.com/Windows+defense+handcuffs+good+guys/2100-7355_3-6104379.
html?tag=nefd.lede

 

This Feed is Powered by My RSS Creator.com