Microsoft executive clarifies recent market confusion about Windows Vista Security
An open letter to customers from Jim Allchin, Co-President, Platforms & Services Division
Published: October 20, 2006
As you may know, Microsoft has confirmed that we’re on track for worldwide delivery of Windows Vista to volume license business customers in November, with general availability in January. We’re very excited, because this launch will bring you many great new features and improvements.
We’re especially excited because we’re about to deliver the most secure and reliable operating system ever developed by Microsoft. Windows Vista will make it much easier for you to protect your PC from unwanted software such as viruses, worms, and spyware. Windows Vista will make it much easier for you to enjoy a safer online experience for yourself and your family.
Our progress toward launch is the result of a lot of hard work, and not only by our developers at Microsoft. We’ve had tremendous help from thousands of you who’ve tested beta versions of Windows Vista and provided great feedback. We’ve sought extensive input from our industry partners because one of our goals is for Windows Vista to help stimulate further innovation and growth in the IT industry.
We’ve taken a number of steps in response to guidance from government competition authorities and input from industry vendors, while still maintaining the security protections that are so critical to Windows Vista:
We redesigned the Windows Security Center dashboard so that it can provide the status of your anti-virus, anti-spyware, firewall and related security solutions, regardless of whose security software you choose to use. Windows Security Center is the only dashboard that takes this neutral approach.
We created an application programming interface (API) that allows security vendors and OEMs to turn off Windows Defender, the integrated anti-malware solution in Windows Vista. This new interface was provided in Windows Vista RC1.
We created new APIs that allow third-party security alerts to replace the alerts provided by Windows Security Center. This new interface was provided to security vendors on Monday, October 16, 2006.
We have committed to work with security vendors to identify and develop new supported and documented APIs for monitoring certain kernel activity on 64-bit Windows Vista without bypassing Kernel Patch Protection, and these discussions are underway between our engineering teams and our third-party security partners.
There seems to be confusion in some quarters about certain features of Windows Vista that are designed to help make it more secure and reliable. One of the misunderstandings surrounds Kernel Patch Protection, also known as PatchGuard. To be clear, the term “patch” here should not be confused with how software providers deliver legitimate updates (e.g., bug fixes) to you. Kernel Patch Protection helps protect the integrity and reliability of the Windows kernel, the core of the operating system. Kernel Patch Protection also makes PCs more secure by helping protect against potentially malicious software known as rootkits, which modify the kernel in an attempt to hide from detection.
Kernel Patch Protection is not new. Last year it was built into the 64-bit versions of Windows XP and Windows Server 2003. With Windows Vista, Kernel Patch Protection will likewise be incorporated into 64-bit versions only. We have been exploring ways to implement Kernel Patch Protection on 32-bit Windows systems, but have not done this yet, although some customers have requested it, because of limitations of the 32-bit architecture and because it will cause compatibility issues for some applications and devices that are already in use. In adapting applications and devices to take advantage of 64-bit Windows, on the other hand, developers have an opportunity to resolve these compatibility issues.
It is important to remember that Microsoft (for years) has actively discouraged third-party applications developers from designing software that modifies the Windows kernel, because such software has been known to cause instability issues and lower the reliability of Windows. Rather than allow kernel modifications that could cause reliability and security problems for you, Microsoft has worked for many years with third-party developers, such as security software developers, to encourage the use of Microsoft-supported extensions that enable them to build more effective and reliable products.
Some security vendors have asked Microsoft to provide instructions on how to disable Kernel Patch Protection in 64-bit versions of Windows, because their products include some features that modify the Windows kernel in undocumented and unsupported ways. Making exceptions and allowing some vendors special access to modify the Windows Vista kernel is unworkable. It opens the door wide for malicious software. For example, rootkits could be designed to present themselves to the operating system in the guise of a legitimate application that was given special access. Also, making exceptions will prolong the reliability problems that are caused by unsupported kernel modification, such as when multiple applications compete to patch the same kernel interfaces.
In the case of security solutions, unsupported kernel modifications also limit your choices, by making it extremely difficult or impossible for multiple security solutions to co-exist reliably on a system. We want to work with security providers to make common extensions available, so that any security vendors can use them, and so that security software does not itself put your security and reliability at risk from malicious kernel modifications.
Here is what we are doing to maintain the integrity and security of 64-bit Windows, while still addressing the needs of our security partners:
Contrary to some media reports, Microsoft will not weaken the security of 64-bit Windows by enabling some applications to modify the kernel of the operating system.
We have applied our no-exceptions policy against kernel patching to Microsoft applications as well as third-party applications, consistent with our Windows Principles. No application can bypass or weaken Kernel Patch Protection—this is essential to improving security and reliability for you. Note that many third-party security companies provide highly competitive products without modifying the Windows kernel in unsupported ways.
For legitimate third-party applications that have intentionally patched the 32-bit Windows kernel in unsupported ways, Microsoft will continue to work with these third parties to identify, prioritize, design and develop new interfaces for 64-bit Windows that will help their applications perform needed tasks, without directly modifying, bypassing or weakening Kernel Patch Protection. We have already begun discussions with the engineering teams of major third-party security vendors about the functionality they are seeking.
Microsoft will continue to work closely with others in the software industry to resolve any interoperability issues that may arise, particularly any issues that arise from our efforts to ensure that Windows Vista is more secure and reliable by design.
In short, we are committed to providing the best operating system we can for you – one that you can depend on and feel safe using. With this goal in mind we will continue to work very constructively with others in the industry consistent with our Windows Principles.
Thank you for your support and interest in Windows Vista.