The simmering battle between Microsoft and the two biggest security software vendors is boiling over as Microsoft finalizes changes to the Windows Vista operating system that Symantec and McAfee say impede their products.
The crux of the dispute is Vista's ability to protect its most fundamental code from cyberattacks versus the ability of other companies' software to check for telltale signs of malicious programs. As Microsoft prepares to release a final test version of Windows Vista, the software vendors are stepping up talks with antitrust regulators and kicking off a public-relations campaign against what they see as Microsoft's attempts to block their products.
For Microsoft's business customers, better security will be the chief selling point for Vista, the company's first new desktop operating system in more than five years. In an InformationWeek Web survey of 672 business technology managers last month, 89% of respondents cited Vista's security features as an incentive to upgrade, well ahead of any other reason (see story, "Survey: Businesses Prepare For Windows Vista"). In addition to bundling antivirus and anti-spyware software into Windows and limiting users' ability to install software, Microsoft has closed a loophole that gave products from Symantec, McAfee, and other makers of security software access to the Windows kernel, which controls the operating system's most basic functions. The vendors use that access to detect and block rootkits, keystroke-logging software, and worms.
Trouble is, malware writers exploit the same interfaces to access Windows' kernel, a threat that Microsoft says outweighs the benefits. Modifying the kernel also compromises Windows' performance, according to the company. Versions of Vista for 64- bit PCs will include technology called PatchGuard that prevents kernel modification. "Either everybody has access to the kernel," says Microsoft senior product manager Stephen Toulouse, "or nobody does."
Symantec and McAfee say the move undercuts their products at the very moment Microsoft is entering the $4 billion market for desktop security software. Microsoft "is putting the core of the operating system in a lock box," says a Symantec spokesman. Security vendors also are asking Microsoft to make it easier for users to uninstall Windows Security Center, a dashboard that controls security settings in Vista. "You almost need an IT help desk" to change the controls, a McAfee spokeswoman says.
|Vista's Sticky Issues|
Closed access to Windows' kernel disables some vendors' malware-fighting techniques
Vista's security dashboard overrides the control panels of Symantec's and McAfee's products
New startup screen prompts users to sign up for Microsoft's OneCare antivirus and anti-spyware service
Next up could be a challenge to Vista's "Welcome Center" boot-up screen, which prompts users to sign up for Microsoft's OneCare security update service. Symantec's spokesman calls the screen "a smoking-gun example" of Microsoft leveraging its Windows monopoly to push its other products. Even Trend Micro, a security company that's allied with Microsoft, says that's going too far. "OneCare is a direct competitor to our product" and shouldn't receive preferential treatment, says VP of marketing Carol Carpenter.
Separately, Microsoft said Vista will toughen measures against software piracy. Users of software that Microsoft thinks is pirated will lose access to Vista's Aero graphical interface and eventually forfeit the ability to read E-mail and open files.