Gartner: Vista PatchGuard Changes Will Take Years - InformationWeek


04:12 PM

The APIs that Microsoft has promised security vendors--to help them create new Vista-compatible products without touching the kernel itself--will take a very long time to implement, a Gartner analyst says.

Research firm Gartner on Thursday said that Microsoft's proposed changes to Windows Vista security, particularly plans to create APIs that will let security vendors access some aspects of the operating system kernel, will take years to implement.

Microsoft's concessions, which were announced last week as part of a multiple-move effort to avoid new antitrust charges or fines leveled by the European Union's Competition Commission, included changes to PatchGuard, a technology to be deployed in the 64-bit version of Windows Vista that walls off the kernel. PatchGuard is meant to stop malicious code from making changes at the kernel level, and has been touted by Microsoft as a defense against rootkits and other malware.

Security vendors, particularly Symantec and McAfee, objected to PatchGuard, and charged that by blocking "kernel hooking" -- intercepting Windows' system calls and modifying the kernel dispatch table -- Microsoft was making it impossible for them to implement advanced security techniques. Both companies were blunt in accusing Microsoft of locking down the kernel to stifle rival security products.

As part of the plan outlined Friday and reiterated this week, Microsoft said it will create a set of APIs (application programming interfaces) that will give a select group of legitimate security vendors the ability to duplicate on the 64-bit edition of Vista the functionality they now have via kernel hooking on 32-bit Windows, but "without direct access to the kernel."

Those APIs are going to take time, lots of time, to build, said Gartner analyst Neil MacDonald in a research note.

"These APIs do not yet exist, and the changes will require changes to the 64-bit Windows kernel that will not be complete in time for the initial release of Vista," said MacDonald. "Moreover, any kernel changes may have a 'ripple effect' up the software stack and will require retesting of all of Windows Vista applications."

In fact, MacDonald estimated that the first APIs won't be delivered until early 2008, about the time a first service pack (SP1) for Windows Vista would be expected. "More complex work and more APIs [would be] delivered with SP2 or later," he added. The effect: a possible stall in enterprise adoption of the 64-bit edition of Vista.

"Only partial functionality may be available even after SP1's release," warned MacDonald. Enterprises should then "pressure ISVs [Independent Software Vendors] and Microsoft to work together to achieve rapid development of a mutually acceptable, trusted methods of interacting with the Windows kernel, starting with SP1 and evolving over the next several years."

On another Vista security front, Microsoft also promised it would bend on the operating system's security dashboard, dubbed Windows Security Center. Vendors had wanted Microsoft to give them the means to completely disable the dashboard and replace it with their own, but the Redmond, Wash. developer only offered to hand over APIs that would let rivals suppress Security Center alerts that duplicated those from the vendors' consoles.
