Microsoft backs down over rivals' Vista access

Microsoft has announced it will give security software makers technology to access the kernel of 64-bit versions of Vista for security-monitoring purposes. But its security rivals remain as yet unconvinced.

Redmond also said it will make it possible for security companies to disable certain parts of the Windows Security Center in Vista when a third-party security console is installed.

Microsoft made both changes in response to antitrust concerns from the European Commission. Led by Symantec, the world's largest antivirus software maker, security companies had publicly criticised Microsoft over both Vista features and also talked to European competition officials about their gripes.

A Symantec spokesman said: "We have not seen anything yet. These are technical issues. Until we actually see the APIs, all we know is what they have said in the media. So far they have not done anything."

APIs, or application program interfaces, are the actual parts of Vista that Microsoft said it would make available, so security companies can access the Vista kernel and disable parts of Windows Security Center.

The spokesman said: "If it is true, then it would be a step in the right direction for giving customers the choice to use whatever solutions they would like."

The technology to suppress Windows Security Center alerts should be available next week but APIs related to kernel protection still need to be developed and may not be ready before Microsoft ships Vista to PC makers and CD factories, said Adrien Robinson, a director in Microsoft's Security Technology Unit.

Robinson said: "We do not want vendors... accessing the kernel through unmodified approaches or modifying the kernel. We will not allow them to go on the fly and modify the kernel, basically circumventing PatchGuard. We need to work with them on the right approaches to work with PatchGuard."

McAfee and Check Point Software Technologies, maker of ZoneAlarm security software, welcomed Microsoft's announcement but, like Symantec, reserved judgment.

A McAfee spokeswoman said: "We are encouraged by Microsoft's recognition that there is a problem. However, we do not have specific information on the nature of these changes, or their timing. As more information becomes available, we will study it carefully before forming a view on whether Microsoft's plans provide a reasonable basis for addressing these issues."

Timing is of the essence. Security providers, including Symantec and McAfee, want to have products available that work with Vista the moment it is released. The long-awaited successor to Windows XP is slated to be available to large business users next month and the general public in January.

The Symantec's spokesman said: "If the APIs exist, then Microsoft should make them available to the security industry immediately. We will have Vista-compatible solutions when the operating system is finally available for consumers. Last we heard, that was going to be January; therefore, we need these APIs yesterday."

Joris Evers writes for CNET News.com