Feeds

Ballmer: Microsoft helped security partners on Windows Vista

Lack of knowledge

Top three mobile application threats

Steve Ballmer has pitched into the row over Microsoft's willingness to cough up vital Windows Vista APIs for partners to lock down the operating system against attack.

The Microsoft CEO said his company had done everything necessary to help security partners and to get Windows Vista out on time in Europe next month. He added he doesn't know anything about specific allegations made by vendors such as McAfee.

His words come as McAfee and Symantc, both said Microsoft had not gone far enough in releasing Windows Vista security APIs. Symantec claims the problem lies in defining which Windows Vista APIs are exactly ”available.”

With the clock ticking on Windows Vista's release, McAfee, Symantec and others have gone public in airing their grievances, saying that Microsoft has denied full access to the Windows Vista kernel. Instead, they must work though PatchGuard, which grants only partial access.

Last week, Microsoft announced two updates to Windows Vista's security in response to prodding from European Union anti-trust officials concerned about the operating system's potential effect on the competition. The Windows Vista Security Center will now not send security alerts to users who have installed security consoles from rivial security companies. Additionally, Microsoft claimed to have devised a "new security approach", allowing access to the kernel but retaining PatchGuard.

These changes, plus concessions in the browser upgrade process and an agreement to submit Microsoft's Adobe PDF rival XML Paper to a standards body (our money’s on Microsoft favorite - the European Computer Users Association) led Microsoft's top legal eagle Brad Smith to conclude: "We feel that we can move forward [with Windows Vista] in compliance with EU law."

Microsoft watchers, though, will be more than familiar with the company's policy of taking a drip-drip approach to releasing clear documentation on Windows APIs, with information only released either as a last resort or under pressure from judges.®

3 Big data security analytics techniques

More from The Register

next story
Ubuntu 14.04 LTS: Great changes, but sssh don't mention the...
Why HELLO Amazon! You weren't here last time
Next Windows obsolescence panic is 450 days from … NOW!
The clock is ticking louder for Windows Server 2003 R2 users
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
Microsoft TIER SMEAR changes app prices whether devs ask or not
Some go up, some go down, Redmond goes silent
Batten down the hatches, Ubuntu 14.04 LTS due in TWO DAYS
Admins dab straining server brows in advance of Trusty Tahr's long-term support landing
Red Hat to ship RHEL 7 release candidate with a taste of container tech
Grab 'near-final' version of next Enterprise Linux next week
Windows 8.1, which you probably haven't upgraded to yet, ALREADY OBSOLETE
Pre-Update versions of new Windows version will no longer support patches
Inside the Hekaton: SQL Server 2014's database engine deconstructed
Nadella's database sqares the circle of cheap memory vs speed
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.