Microsoft partners fuming over Vista
By JORDAN ROBERTSON, AP Business Writer
Microsoft Corp. is no stranger to antitrust skirmishes and complaints
from competitors about unfair business practices.
But the latest fight over its upcoming Vista operating system pits
Microsoft against an unlikely adversary: the security software vendors
who are some of its most intimate partners in protecting its
notoriously vulnerable systems from attacks.
As Vista's planned release nears, the company is facing a backlash
from such vendors as Symantec Corp. and McAfee Inc., which argue that
even the concessions Microsoft recently made to appease European
antitrust regulators won't do enough to help them best protect their
"We've been talking to them for over two years on this issue," said
Rowan Trollope, Symantec's vice president for consumer engineering.
"And now (with) basically a very short amount of time before the
operating system comes out, we're not in a good position to provide
that security to our customers."
Ultimately, consumers will decide whether Microsoft's own security
measures are adequate to combat increasingly sophisticated Internet
threats and keep personal data safe from hackers and online criminals.
But the showdown also marks an important turning point in how computer
users buy security software.
Microsoft now competes directly with Cupertino-based Symantec and
Santa Clara-based McAfee with its own product, called OneCare, posing
a substantial threat to vendors who have been vital to protecting
generations of Microsoft operating systems.
European antitrust regulators have warned Microsoft not to shut out
rivals in security software and other markets, and the European Union
so far has fined the Redmond, Wash., company $970 million over the
current flavor of Windows.
To quell EU concerns about Vista, Microsoft pledged to make key
changes, but the vendors remain unsatisfied and have threatened
antitrust lawsuits. McAfee issued a statement Thursday complaining of
the company's failure to live up to "hollow assurances."
Industry analysts said Microsoft's new dual role could inadvertently
make the operating system more vulnerable.
"Microsoft's priority should be simple: Fortify the operating system,
make it secure, make it as impenetrable as possible, but work with the
third parties," said Joe Wilcox, a senior analyst with Jupiter
Vista will be Microsoft's first major upgrade to its flagship
operating system since Windows XP's release in 2001. The company touts
Vista's sleeker looks, improved search capabilities and simplified
organization as key upgrades over previous systems.
But several key security changes prompted Symantec and McAfee
officials to launch withering public attacks in recent weeks.
Executives accused Microsoft of unfairly promoting its own security
software with a dashboard that couldn't be disabled by vendors. The
company pledged technological information to turn off the feature,
designed to help customers easily see what protections are switched
Vendors also howled over an icon on the welcome screen linking to
Microsoft security products. Microsoft refused to remove the link but
has vowed to link to other security companies.
The biggest -- and currently unresolved -- fight hinges on vendors'
claims they have been locked out of access to the core, or kernel, of
higher-end, 64-bit versions of Vista.
A new feature called PatchGuard is meant to protect the most sensitive
information in the guts of the system. While blocking out hackers,
PatchGuard also keeps out security vendors that have traditionally
been allowed inside to retrieve necessary information.
Vendors said their products will thus lack advanced security features
for 64-bit users (The 32-bit version that consumers are likely to get
does not include PatchGuard and thus offers access to the disputed
Microsoft said the methods previously used were undocumented and
unsupported and left the system less secure and less
stable. Customers, the company said, demand better security.
The company has agreed to permit limited kernel access, but will not
provide a "blanket exception" or turn off the feature entirely, said
Stephen Toulouse, a senior program manager in Microsoft's Security
"We did look at that, but we got consistent feedback that that
wouldn't be a good option for the customer," he said. "We want to make
clear that we will work with those vendors. It will take some time,
but we're committed to making that happen."
Microsoft held online briefings with security vendors on Thursday to
address their concerns, though technical difficulties booted some
Security vendors said their engineers are going to have to scramble to
update their software once the technical tools they need become
available, which could be months away.
Vista begins shipping to computer manufacturers and larger businesses
next month. Consumers should be able to buy the new operating system
"We're turning blue holding our breath waiting for something to
happen," McAfee chief scientist George Heron said in an
interview. "And frankly so are the users. This is the 11th hour. Now
is not the time to crack open the designs."
In the meantime, third-party vendors said their products will work but
won't have maximum protection. Microsoft said its products will adhere
to the same rules and won't have an unfair advantage.
Security experts said it's unclear whether Microsoft's stance on
protecting the kernel will make Windows more secure, though it will
likely challenge hackers to try to crack it.
"No matter how secure any operating system is, if it has been built by
man, it can be broken by man," said Ken Dunham, director of the rapid
response team at VeriSign Inc.'s iDefense Intelligence. "While it
might be a major improvement, there is no silver bullet."
Vendors said customers are likely to agree.
"It's a little bit like the fox guarding the hen house," Symantec's
Trollope said. "If Microsoft can control the ways that companies can
innovate, if they can control the dialogue of security with the
customer, you end up with a security monoculture. And that's
Copyright 2006 The Associated Press.
NOTE: For more telecom/internet/networking/computer news from the
daily media, check out our feature 'Telecom Digest Extra' each day at
http://telecom-digest.org/td-extra/more-news.html . Hundreds of new
articles daily. And, discuss this and other topics in our forum at
For more news and headlines, please go to: