McAfee Chides Microsoft Over Vista Security Policies

The security software maker contends that Microsoft directly rebuffed efforts to establish common ground over which third party tools interface with Vista.

Officials at security specialist McAfee said that Microsoft has flatly rejected a series of proposals meant to help ease integration between third-party software applications and the companys next-generation Windows Vista operating system.

High-ranking officials with McAfee, a provider of security applications and longtime partner of Microsofts, said that the software giant refused its suggestions for altering the manner in which aftermarket security tools are allowed to interact with the Vista OS, which is expected to arrive on the market as early as November 2006.

At the heart of the issue are two technological innovations being built into Vista by Microsoft that McAfee and other firms including anti-virus market leader Symantec contend will make their security software products less effective.

The complaints have been specifically aimed at new methods being employed by Microsoft to better lock down its upcoming OS from outside attacks, and arrive at a time when the software giant is also aggressively moving into the lucrative security applications arena.

One of the technologies, Microsofts PatchGuard system, which is designed to block access to the software kernel in 64-bit versions of Vista, will keep applications such as behavior monitoring and intrusion prevention systems from functioning as effectively as in the past, according to McAfee.

The other tool, dubbed Windows Security Center and meant to inform users when their PCs security applications are not functioning properly, will provide consumers with a false sense of protection and steer users away from third-party security applications, McAfee said.

Frustrated by its belief that PatchGuard and Windows Security Center will limit the efficiency and exposure of their companys products, McAfee officials said they approached Microsoft, of Redmond, Wash., with two separate proposals offering alternative methods of protecting the Vista kernel and providing desktop security information to users, respectively.

Those proposals were flatly rebuffed by Microsoft, leaving McAfee with no choice but to take its complaints public, company officials said.

"We proposed two solutions to the fundamental impediments we believe to exist in Microsofts attempt to protect the operating system and they have rejected these proposals summarily," said George Heron, chief scientist with McAfee, based in Santa Clara, Calif.

"We provided Microsoft with alternative ways in which we would be able to interface with their operating systems in the same manner that we have for years and those suggestions have been denied."

/zimages/6/28571.gifClick here to read more about how Vistas fortified kernal could mean trouble third-party apps.

Heron contends that Microsoft has failed to deliver on its promise to provide partners with sufficient engineering methods to allow their products to work properly with Vista.

While Microsoft has promised to deliver so-called software keys to third-party applications vendors that would allow them to interface more effectively with Vista, the company has not delivered on that pledge, the executive said.

As a result, McAfee believes that customers will not be able to protect their Vista systems from malware and other types of IT attacks with the same success that they have enjoyed while using aftermarket security products with existing versions of Windows.

Despite Microsofts defense that it is employing the more restrictive security measures in Vista to protect the interests of users, the companys current methods will leave people with fewer options for defending themselves, according to Heron.

Next Page: Microsofts response.