Skip to main content
  1. Home
  2. Computing
  3. News

Vista Kernel API Opened to Security Firms

Geoff Duncan
By

The brouhaha over developing third-party security applications for Windows Vista may be far from over, but Microsoft has followed up on a pledge it made last October to clue third-party security developers into the APIs they’ll need to use to tap into the Vista kernel.

In order to improve security in Windows Vista—at least, compared to the long-standing nightmare which has been security under Windows XP—Microsoft extended its PatchGuard technology to isolate the operation system kernel in the 64-bit edition of Windows Vista. The decision left no mechanisms for developers of third-party security applications—like Symantec and McAfee—to create security, scanning, and firewall products for the 64-bit version of Vista.

Recommended Videos

Microsoft has made the draft APIs available to third-party developers for testing and comment through the end of January, 2007, and promises a final version of the APIs will be available when Microsoft releases its first service pack for Windows Vista, expected in mid- to late-2007. So far, no security vendors have commented publicly on the API information received from Microsoft.

Related

“These new APIs for Windows Vista have been designed to help security and non-security ISVs develop software that extends the functionality of the Windows kernel on 64-bit systems, in a documented and supported manner, and without disabling or weakening the protection offered by Kernel Patch Protection,” said Ben Fathi, Microsoft’s Windows security chief, in a statement. Fathi also noted that the APIs are not finalized, and it expects to modify the specifications in response to feedback from security experts and developers. Microsoft has published a document (MSWord) outlining the process it uses to prioritize and evaluate requests for Kernel Patch Protection APIs.

In the meantime, computing enthusiasts, enterprise customers, and others interested in 64-bit editions of Windows Vista remain concerned that no third-party security products will likely be available for the operating system until some time after the release of Vista Service Pack 1.

Editors' Recommendations

Geoff Duncan
Geoff Duncan
Former Digital Trends Contributor
Geoff Duncan writes, programs, edits, plays music, and delights in making software misbehave. He's probably the only member…
Is macOS more secure than Windows? This malware report has the answer
A person using a laptop with a set of code seen on the display.

It’s a long-held belief that Macs are less at risk of malware and viruses than Windows PCs, but how true is that? Well, a new report has shed some light on the situation -- and the results might surprise you.

According to threat research firm Elastic Security Labs, roughly 39% of all malware infections happen on Windows PCs. In good news for Apple fans, only 6% of breaches occurred on macOS, making Mac systems far less vulnerable than their Windows counterparts.

Read more
Secondhand routers may be a serious security concern
A Wi-Fi router with an ethernet cable plugged in.

Security researchers have publicly revealed findings in a study that uncovered that more than half of the enterprise routers sold secondhand to online resellers, such as eBay, had not been factory reset and wiped of their data. This means the devices still contained sensitive company information from their previous owners when they were resold.

Researchers from the security firm ESET plan to showcase their study at the RSA security conference in San Francisco next week, but told Wired that they were able to uncover data of the enterprise organizations from the secondhand routers, including "network information, credentials, and other confidential data," with no major effort.

Read more
Apple’s security trumps Microsoft and Twitter’s, say feds
Apple's Craig Federighi speaking about macOS security at WWDC 2022.

Apple has long held a reputation for rock-solid security, and now the U.S. government seemingly agrees after praising the company for its security procedures. At the same time, the feds have suggested Microsoft and Twitter need to pull their socks up and make their products much more secure for their users, according to CNBC.

In a speech given at Carnegie Mellon University, Cybersecurity and Infrastructure Security Agency Director Jen Easterly pointed to Apple as a company that took security and accountability seriously, and suggested other companies should take note.

Read more