News 

The security giants say that the kernel, the core software system, of the 64-bit version of Vista has been closed off with Microsoft's PatchGuard security feature, rendering it impossible to tweak third-party security software to work on the platform.

Microsoft has described the comments as 'inaccurate and inflammatory', and has acted to calm concerns, putting into development a new API that will allow security companies the access they need in order to protect the kernel and offer host intrusion detection (HIPS).

Now UK security firm Sophos has heard Microsoft's rallying cry, claiming that it has all the interfaces it needs to secure the 64-bit version of Vista.

'Symantec and McAfee may be struggling with HIPS because they haven't coded their solutions with high-spec Vista in mind,' said Richard Jacobs, CTO of Sophos. 'We've taken a different approach, by

ADVERTISEMENT

focusing on catching bad behaviour before it has a chance to occur. Additionally, we are building our technology by making use of supported Microsoft interfaces rather than by trying to subvert them. That's why we're ready for 64-bit Vista, and others aren't.'

Sophos isn't saying that McAfee and Symantec are wrong in their description of the barriers PatchGuard creates in accessing the Vista kernel, but rather that its approach to HIPS doesn't need the same low level access. Research group Gartner has also warned against Microsoft's closed kernel, advising businesses to steer clear of 64-bit Vista until Microsoft allows better control of the kernel functionality for security companies.

Even so, Sophos commended Microsoft for its PatchGuard feature. 'PatchGuard is a step in the right direction for customers, and we believe that security vendors should embrace and work with PatchGuard rather than fight it... It's clearly the case that we and other vendors will now have some dependency on Microsoft to deliver kernel interfaces for new security innovations, which could slow us all down,' said Jacobs. 'However this is more than compensated for by the additional security offered by Vista.'

Of course Sophos and Symantec and McAfee are from two very different camps. The latter two, with their massive consumer customer base, feel very threatened by Microsoft's moves in the security space, particularly its OneCare service, and are placing Redmond under close scrutiny to ensure a level playing field for all.