Microsoft Defends Itself
However, the company also defends that its own OS anti-tampering and behavior monitoring tools would be too hard to append to Vista in such a manner. "Those are going to be the ubiquitous technologies for protecting enterprises in the future, and they must interact with kernel," said Symantec spokesperson Chris Paden.At least one industry watcher believes that Symantec and McAfee have developed methods of their own for working with, or circumventing, PatchGuard, and contends that the firms have only kept the heat on Microsoft over the feature to keep antitrust regulators alert to Microsofts continued push into their territory. Andrew Jaquith, analyst with Boston-based Yankee Group, said that the entire controversy over PatchGuard is nothing more than the security vendors trying to ensure that Microsoft is not allowed to eliminate the need for their own security applications, specifically in the enterprise space. It is already widely believed that Vistas anti-virus features will have a decimating effect on demand from consumers for aftermarket products filling the same role. "The point about PatchGuard is less about whether its fair or the right thing to do, or whether it can be bypassed; its really another skirmish in the long-term war by the security companies of keeping Microsofts security activities regulated," Jaquith said. "Symantec and McAfee will have products that work with Vista available when it ships; they already have products available that work with PatchGuard in Windows XP." "The vendors do have a point when they say that Microsoft could have come up with a better manner of working with the industry over this feature and others, that didnt leave so much up for interpretation," the analyst said. "But this is about attempting to regulate a monopolist, and the vendors finding a relatively cheap way to slow down Microsofts move into the security business, and not the technology itself." Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.
"Microsoft has helped its own cause with customers by cooperating further with the security industry to solve this problem, and they appear to have taken steps in that direction with the new APIs."