Symantec on the attack over Vista security features

Customers might have a tougher time getting their security software to work properly on Vista, Symantec says.

When Windows Vista ships next year, customers might have a tougher time getting their security software to work properly, according to executives from Symantec.

At issue are two new features being introduced with Vista: an enhanced Windows Security Center as well as a feature in the 64-bit version of Vista called PatchGuard. Microsoft says it is adding these features to lock down the operating system, but Symantec believes that they will be harmful to customers by making it harder for them to use third-party software.

"There's no question that they're leveraging a monopolistic position to limit customer choice," said Chris Paden a Symantec spokesman.

While Symantec executives did accuse Microsoft of being more difficult to work with on Vista than with previous operating system introductions, they stopped short of accusing Microsoft of antitrust violations. "It's not anti-competitive behavior, because Vista hasn't even hit the market yet, " Paden said.

Security vendors like Symantec are in a state of heightened sensitivity these days as they've begun to compete with Microsoft head-on, and the specter of further antitrust actions looms over Microsoft's every move in the security space. Last week the European Union's spokesman on competition, Jonathan Todd, warned that the market could be threatened if Microsoft doesn't allow security vendors a fair chance of competing.

Symantec and other security vendors dislike PatchGuard because it prevents them from accessing the Windows kernel. They say it will stop them from delivering important features like Symantec's "anti-tampering" technology, which prevents malicious programs from modifying Symantec's own software.

PatchGuard will also make it more difficult for security vendors to protect against malicious software that takes advantage of kernel-level bugs, said Eric Sites, vice president of research and development with Sunbelt Software.

"There are a lot of new exploits coming out that exploit kernel-level drivers, " he said. "If we're able to get into the kernel, we can watch for things like that, but with what Microsoft is doing we can't do that."

Microsoft declined to be interviewed for this article, but in an interview last week, a Microsoft executive said that PatchGuard was simply an effort to prevent the kernel from being misused.

"We think that there's a significant amount of confusion around... certain security features in the product that we think raise the foundation," said Stephen Toulouse a senior product manager in the Security Technology Unit. "What we're doing is we're walling off the kernel from attackers, because the functionality that is currently there was never meant to be used by anybody -- by software vendors or attackers."

But PatchGuard is enabled only in the 64-bit version of Windows. Because there are few 64-bit applications written for Vista, most of Vista's initial users are expected to run the operating system in 32-bit mode, and their security software will still be able to access the kernel.

A more immediate issue for Symantec is many Vista users will find that both the Windows Security Center and Symantec warnings will pop up simultaneously.

This doesn't happen with Windows XP because Symantec's software is able to automatically disable the Windows warnings, but with Vista users will have to turn off the Security Center themselves.

This will make things unnecessarily complicated for many customers, said Rowan Trollope, Symantec's vice president of consumer engineering. "Most users can't figure out how to do that," he said.

With two warnings popping up, each with different wording, users will be confused at best, and may simply begin ignoring security warnings altogether, said Sites.

Some observers have speculated that Symantec may press the EU for action against Microsoft in this matter, but Trollope and Paden wouldn't say what Symantec planned to do to address these problems. "We're looking at all the possibilities now," said Trollope, "And none of them are good for customers."

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Robert McMillan

IDG News Service
Show Comments

Brand Post

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?