Symantec has warned that its customers will have a hard time getting their software security to work with Windows Vista when it ships next year.
Two new features introduced with Vista - an enhanced Windows Security Center, and a feature in the 64-bit version of Vista called PatchGuard - will be harmful to customers by making it harder for them to use third-party software, Symantec has said. Microsoft says it is adding the features to lock down the operating system.
"There's no question that they're leveraging a monopolistic position to limit customer choice," said a Symantec spokesman. Symantec executives also accused Microsoft of being more difficult to work with on Vista than with previous operating system introductions. They stopped short of accusing Microsoft of anti-trust violations however. "It's not anti-competitive behaviour, because Vista hasn't even hit the market yet," said the spokesman.
Security vendors like Symantec have begun to compete with Microsoft head-on, and the spectre of further anti-trust actions looms. Last week, the European Union's competition spokesman warned that the market could be threatened if Microsoft doesn't allow security vendors a fair chance of competing.
Symantec and other security vendors dislike PatchGuard because it prevents them from accessing the Windows kernel. They say it will stop them from delivering important features like Symantec's "anti-tampering" technology, which prevents malicious programs from modifying Symantec's own software.
PatchGuard will also make it more difficult for security vendors to protect against malicious software that takes advantage of kernel-level bugs, said Eric Sites, vice president of research and development with Sunbelt Software. "There are a lot of new exploits coming out that exploit kernel-level drivers," he said. "If we're able to get into the kernel, we can watch for things like that, but with what Microsoft is doing we can't do that."
Microsoft exec Stephen Toulouse however said that PatchGuard was simply an effort to prevent the kernel from being misused. "We think that there's a significant amount of confusion around... certain security features in the product that we think raise the foundation," he said. "What we're doing is we're walling off the kernel from attackers, because the functionality that is currently there, was never meant to be used by anybody - by software vendors or attackers."
But PatchGuard is enabled only in the 64-bit version of Windows. Because there are few 64-bit applications written for Vista, most of Vista's initial users are expected to run the operating system in 32-bit mode, and their security software will still be able to access the kernel.
A more immediate issue for Symantec is many Vista users will find that both the Windows Security Center and Symantec warnings will pop up simultaneously. This doesn't happen with Windows XP because Symantec's software is able to automatically disable the Windows warnings, but Vista users will have to turn off the Security Center themselves.
This will make things unnecessarily complicated for many customers, said Rowan Trollope, Symantec's vice president of consumer engineering. "Most users can't figure out how to do that," he said. With two warnings popping up, each with different wording, users will be confused at best, and may simply begin ignoring security warnings altogether, said Sites.
Some observers have speculated that Symantec may press the EU for action against Microsoft in this matter, but Trollope and Paden wouldn't say what Symantec planned to do to address these problems. "We're looking at all the possibilities now," said Trollope, "And none of them are good for customers."