Microsoft releases first draft of PatchGuard APIs
They'll be offered to third-party security vendors
Computerworld - Microsoft Corp. today released draft application programming interfaces designed to allow third-party security products to get around a contentious kernel protection technology in the 64-bit version of the Vista operating system called PatchGuard.
The draft APIs will be available to security vendors for testing and comment through the end of January. A final version of the APIs will then become available when Microsoft releases Service Pack 1 for Vista sometime in mid-2007, according to Ben Fathi, vice president of development for the Windows Core Operating System.
Microsoft today also released a separate criteria evaluation document that details the processes Microsoft used in evaluating vendor requests for APIs to the Vista kernel. As with the draft APIs, Microsoft is seeking third-party security vendor feedback on its criteria evaluation processes.
"We are publishing this to be very clear and above board on what our processes are for establishing the new APIs that we are going to add to the kernel," Fathi said. "We want to hear feedback from partners and the rest of the industry on whether this is a good set of criteria or not."
The APIs and the criteria evaluation document are part of Microsoft's response to widespread concerns within the security industry and the European Union (EU) over PatchGuard, Fathi said.
Microsoft itself has said the kernel patch protection technology is vital to ensuring the security and stability of the 64-bit Vista operating system because it prevents unauthorized modifications to the kernel -- both by security vendors and malicious attackers. The technology is especially key in protecting against problems such as rootkits, the company has said.
But several security vendors, including industry leaders such as Symantec Corp. and McAfee Inc., have claimed that PatchGuard prevents them from delivering certain functions, such as host-based, intrusion-prevention and tamper protection for security software. Such functions require kernel-level access to the operating system. Both vendors have argued that Microsoft is using its market dominance to unfairly hinder their capabilities at a time when Microsoft is seeking to expand its own presence in the security space.
In a bid to assuage those concerns and to address broader antitrust concerns in the EU, Microsoft in October said it would deliver a set of APIs that would allow vendors to continue delivering advanced security features.
Today's draft APIs are based on feedback from 26 security vendors and address four major areas, Fathi said. They include APIs for tamper protection, memory-based controls and image-loading operations. Together, the APIs address a majority of the issues raised by third-party security vendors in discussions over the past few months, Fathi said.
- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts