Feeds

Ballmer: Microsoft helped security partners on Windows Vista

Lack of knowledge

Remote control for virtualized desktops

Steve Ballmer has pitched into the row over Microsoft's willingness to cough up vital Windows Vista APIs for partners to lock down the operating system against attack.

The Microsoft CEO said his company had done everything necessary to help security partners and to get Windows Vista out on time in Europe next month. He added he doesn't know anything about specific allegations made by vendors such as McAfee.

His words come as McAfee and Symantc, both said Microsoft had not gone far enough in releasing Windows Vista security APIs. Symantec claims the problem lies in defining which Windows Vista APIs are exactly ”available.”

With the clock ticking on Windows Vista's release, McAfee, Symantec and others have gone public in airing their grievances, saying that Microsoft has denied full access to the Windows Vista kernel. Instead, they must work though PatchGuard, which grants only partial access.

Last week, Microsoft announced two updates to Windows Vista's security in response to prodding from European Union anti-trust officials concerned about the operating system's potential effect on the competition. The Windows Vista Security Center will now not send security alerts to users who have installed security consoles from rivial security companies. Additionally, Microsoft claimed to have devised a "new security approach", allowing access to the kernel but retaining PatchGuard.

These changes, plus concessions in the browser upgrade process and an agreement to submit Microsoft's Adobe PDF rival XML Paper to a standards body (our money’s on Microsoft favorite - the European Computer Users Association) led Microsoft's top legal eagle Brad Smith to conclude: "We feel that we can move forward [with Windows Vista] in compliance with EU law."

Microsoft watchers, though, will be more than familiar with the company's policy of taking a drip-drip approach to releasing clear documentation on Windows APIs, with information only released either as a last resort or under pressure from judges.®

Beginner's guide to SSL certificates

More from The Register

next story
Bada-Bing! Mozilla flips Firefox to YAHOO! for search
Microsoft system will be the default for browser in US until 2020
Be real, Apple: In-app goodie grab games AREN'T FREE – EU
Cupertino stands down after Euro legal threats
Download alert: Nearly ALL top 100 Android, iOS paid apps hacked
Attack of the Clones? Yeah, but much, much scarier – report
SLURP! Flick your TONGUE around our LOLLIPOP – Google
Android 5 is coming – IF you're lucky enough to have the right gadget
Microsoft: Your Linux Docker containers are now OURS to command
New tool lets admins wrangle Linux apps from Windows
Nexus 7 fandroids tell of salty taste after sucking on Google's Lollipop
Web giant looking into why version 5.0 of Android is crippling older slabs
Facebook, working on Facebook at Work, works on Facebook. At Work
You don't want your cat or drunk pics at the office
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Protecting against web application threats using SSL
SSL encryption can protect server‐to‐server communications, client devices, cloud resources, and other endpoints in order to help prevent the risk of data loss and losing customer trust.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.