Microsoft releases Vista APIs to security vendors

Article

Microsoft releases Vista APIs to security vendors

Robert Westervelt, News Editor
Microsoft on Tuesday released a draft set of programming interfaces that would give third party security vendors access to the kernel of 64-bit versions of Windows Vista.

    Requires Free Membership to View

    Login

    SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.com today!

    Michael S. Mimoso, Editorial Director

    By submitting your registration information to SearchSecurity.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchSecurity.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

In the next several weeks, we'll continue gathering input about the draft specifications from ISVs and other security experts.
Ben Fathi,
corporate vice president, Security Technology UnitMicrosoft

In an announcement on its Web site, Microsoft's Ben Fathi said the draft set of application programming interfaces (APIs) "have been designed to help security and non-security ISVs develop software that extends the functionality of the Windows kernel on 64-bit systems, in a documented and supported manner, and without disabling or weakening the protection offered by Kernel Patch Protection."

Fathi, corporate vice president of Microsoft's Security Technology Unit, said the first set of APIs would create a control, which could be used to govern whether applications are allowed to be launched or manipulated.

The APIs would also provide API support to prevent tampering with process hosting security software, memory based controls to address space manipulation and image loading operations to prevent malicious code images from loading and executing.

Kernel Patch Protection:
Security Blog Log: The never-ending PatchGuard debate

Sept: Microsoft: We're not out to crush security vendors

Oct: Microsoft caves to pressure over Vista security

Opinion: Microsoft Kernel Patch Protection should be lauded

"In the next several weeks, we'll continue gathering input about the draft specifications from ISVs and other security experts," Fathi said.

The first set of APIs will be released in both 32-bit and 64-bit versions of Windows Vista Service Pack 1. Early test versions will be made available to ISVs to update and test their software in time for release along with Service Pack 1, Fathi said.

Third party security vendors, Symantec Corp. and McAfee Inc. and others have long accused Microsoft of locking them out , with its Kernal Patch Protection feature, formerly called PatchGuard. The feature was introduced by Microsoft to stop attackers from gaining access to Vista's kernel.

In October, Microsoft changed course , telling security vendors that it would create additional APIs, opening up Vista's core so third-party security products would work effectively with the new operating system.