Security features in the Windows Vista kernel obstruct innovations by
antivirus and other security applications, security vendor
Symantec has claimed.
"If security vendors don’t have access to the platform kernel, it cuts down
on our ability to innovate and create compatible solutions,"
Oliver
Friedrichs, director of emerging technologies in Symantec Security Response
wrote on the company's website.
Advertisement
The kernel is the part in a computer's operating system that manages the
system's resources and communicates between hardware and software components.
Altering the kernel allows malware authors to access any part of a system. A
rootkit, for instance, requires access to the kernel to hide files from the
system and security software. Microsoft
therefore in Windows Vista has instated regular checks on the kernel's integrity
and requires that all device drivers are signed by an independent certificate
authority.
In the third of a series of three whitepapers
(PDF
download) on Vista's security, Symantec probed the security kernel security
features and claimed that it is possible to circumvent the security features.
Security applications, however, rely on kernel extensions to do their work,
Friedrichs pointed out.
And while they are blocked, malware authors have already successfully
demonstrated ways to circumvent Vista's kernel security features.
"These new technologies, along with Microsoft’s unwillingness to make
compromises in this area, have serious implications for the security industry as
a whole," said Friedrichs.
"If Microsoft wants to make Vista more secure, it should provide equal acce
ss to the platform that its own developers have to ensure that security vendors
can continue to innovate on the platform, and to ensure that consumers and
original equipment manufacturers can continue to choose the best security
solutions for the platform. This has always been the case with prior operating
systems."
He alleged that Microsoft is forcing end users to only use solutions offered
or allowed by the software vendor, thereby stifling competition and innovation
in the security industry.
"In the end, a less secure internet will result and both consumers and
enterprises will find themselves more vulnerable to cyber attack," Friedrichs
concluded.
Do you agree?
Have your say on this article