Rowan Trollope, vice president of consumer products, said Symantec has issues over Vista that center on Microsoft’s inclusion of its own firewall, Defender anti-spyware and the Windows Security Center (WSC) console.
At first Microsoft said it would not allow any ISV to turn any of these features off. It quickly backed down and said it would provide APIs that would allow customers to shut off the Microsoft firewall. It has also agreed to let vendors turn off Defender with the issuing of an SDK Trollope said. But it is taking a hard line with WSC.
According to Symantec, that is one feature that Microsoft does not want third-party security software providers to be able to turn off.
Mike Dalton, VP Europe at McAfee, also voiced concerns, saying that WSC forces its user interface on all other running products and when other security product subscriptions expire it will only be the Microsoft bundled solution that is presented.
Symantec has also pointed out the Vista Welcome screen that pops up everytime a PC is booted up will be promoting the use of Microsoft’s OneCare security service, something that could damage the market position of a vendor like Symantec.
Its take on this is that Microsoft is using its control over the operating system to try limit users only to security software offered by Microsoft, and to try limit the ability of ISVs to develop compatible software.
Symantec’s Trollope said that some other limitations could also play out in the enterprise space. He referred particularly to the version of the Windows kernel that runs on the x64 platform which will see introduced a new PatchGuard feature. This will help stop malicious code, but also some third-party software products from modifying certain operating system structures within Vista.
Microsoft says PatchGuard will ensure kernel stability, but ISVs maintain it will also prevent their legitimate Windows security products from working properly: As it stands, our products won’t be able to provide some of the sophisticated security features they can do now. The use of kernel patching, for example, to protect against attacks such as retro-viral threats which try to shut down an anti-virus system, would be not possible if PatchGuard is introduced.
Prior to 64-bit Windows, ISVs were not denied access to kernel data and services, and anti-virus vendors like McAfee and Symantec now want Microsoft to provide them with the ability to turn off PatchGuard, or disclose to them APIs or other means that would allow authorized security ISVs to access the kernel.
In an interview with Computer Business Review in June, Symantec chairman and CEO John Thompson warned that the $4bn anti-virus industry would not think twice about making a legal stand against Microsoft if it entered the sector in any way that leveraged its monopoly position.
If Microsoft enters the anti-virus market in a way that leverages its monopoly position, we will find that to be very, very unfair… and we will call Microsoft to task, he told us.
There now seems there is the distinct possibility that legal proceedings or political intervention could result, particularly in Europe where any behavior that appears in any way anti-competitive would not be tolerated by European Commission regulators. They could conceivably be provoked into instigating a new antitrust inquiry against Microsoft.
Symantec’s Trollope insists that the company is not currently involved in any coordinated effort to involve the European regulators.
There have been some inaccurate reports in the media that we’ve been laying the groundwork with the EC. It is no secret that we have been responding to enquiries of the EC regulators, but we believe the matter shouldn’t require government or legal intervention.
