Microsoft scheduled a meeting Thursday with security vendors to discuss its plans to release application programming interfaces (API) that will allow third-party products to work around a kernel protection technology in the Vista kernel called PatchGuard.
A Microsoft spokeswoman said via e-mail Thursday that the company is holding meetings to "initiate discussions with partners on the process for developing methods by which third-party software can work alongside Kernel Patch Protection on 64-bit platforms without disabling it or weakening the protections offered by it."
The company's decision appears to have been prompted by growing vendor criticism over Microsoft's delay in providing details after it had already publicly committed to releasing the APIs.
A spokesman for Symantec, one of the vendors that has been critical of Microsoft's silence, confirmed this morning that an online meeting with Microsoft was scheduled for later Thursday to discuss PatchGuard-related APIs. A McAfee spokeswoman also confirmed that a meeting was taking place but added, "The content of the meeting remains to be seen."
A senior executive at another security vendor who requested anonymity added that the meeting was being conducted under very tight nondisclosure agreements.
PatchGuard has been at the center of a simmering dispute between Microsoft and several security vendors, most notably Symantec and McAfee. Microsoft maintains that Patch Guard would increase operating system reliability by protecting the Vista kernel from unauthorized modification by third parties, including security vendors and malicious attackers.
Symantec and McAfee have argued that Microsoft's use of PatchGuard amounts to an anticompetitive practice because it would prevent them from delivering certain key functions in their products. This includes capabilities such as behavior-based virus detection, host-based intrusion prevention and software tamper protection, all of which work by making modifications to the operating system kernel.
Microsoft last week said it would release APIs that would allow vendors to work around Patch Guard and for preventing a Windows Security Center dashboard function from appearing by default on end-user systems. The concessions were an apparent effort by Microsoft to squelch broader antitrust concerns in the European Union.
Microsoft started making APIs available for turning off the Windows Security Center dashboard function last Friday. But the company remained conspicuously silent on the PatchGuard issue, provoking strident criticism from security vendors that are concerned about their ability to deliver fully functional products in a 64-bit Vista environment without having a way to get past PatchGuard.