Symantec and McAfee ‘should have prepared better’ for Vista
Symantec and McAfee have recently made high-profile complaints that they are being “locked out” of the Vista operating system kernel by Microsoft’s PatchGuard technology. It is claimed that this allegedly anti-competitive move by Microsoft will prevent security firms from developing host intrusion prevention (HIPS) systems for Vista to protect against new malware.
However, Sophos argues that its approach to HIPS technology has met with no problems on both the low-spec and high-spec versions of Windows Vista. In addition, Sophos claims that Microsoft has so far provided all the interfaces that Sophos needs for providing this form of protection.
“Symantec and McAfee may be struggling with HIPS because they haven’t coded their solutions with high-spec Vista in mind,” said Richard Jacobs, CTO of Sophos.
“We’ve taken a different approach, by focusing on catching bad behaviour before it has a chance to occur. Additionally, we are building our technology by making use of supported Microsoft interfaces rather than by trying to subvert them. That’s why we’re ready for 64-bit Vista, and others aren’t.”
Jacobs added that he believes PatchGuard is a “positive step” by Microsoft to improve security in Windows Vista, and is not in itself anti-competitive, provided that Microsoft delivers on its commitment to provide the same level of kernel support and integration to third party security vendors as it does to its own security product team.
“It’s clearly the case that we and other vendors will now have some dependency on Microsoft to deliver kernel interfaces for new security innovations, which could slow us all down,” continued Jacobs.
“However this is more than compensated for by the additional security offered by Vista. PatchGuard is a step in the right direction for customers, and we believe that security vendors should embrace and work with PatchGuard rather than fight it.”