Microsoft releases PatchGuard APIs

ronjor · Dec 20, 2006

Microsoft yesterday released draft APIs (application programming interfaces) designed to allow third-party security products to get around a contentious kernel protection technology in the Vista OS (operating system) called PatchGuard.
Click to expand...

Story

Rasheed187 · Dec 20, 2006

This is what Symantec and others wanted right? So now security tools can be just as powerful as on XP I guess? And the bad guys will not be able to use the API´s?

Notok · Dec 20, 2006

What worries me more than the APIs is that security tools may still rely on the integrity of the kernel, which eliminates rootkit detection which is, IMO, probably going to be the biggest threat Vista users will face. The security tools will request information from Windows, and will need Windows to return the right information.. anyone else see a problem with this?

ronjor · Dec 20, 2006

The APIs will offer security and nonsecurity software makers the ability to develop software that extends the functionality of the Windows kernel on 64-bit systems in a documented and supported manner, without disabling or weakening the protection offered by kernel patch protection, Microsoft said.
Click to expand...

Article

Rasheed187 · Dec 28, 2006

Any comments on this article? I´m not sure what to think, I mean I do believe that MS does have a point, not?

Microsoft claims that it has not been forced to scale-back the parameters of PatchGuard by creating the APIs, and claims that the newly released code does not allow so-called kernel "hooking," a technique that security providers said they would need to continue to employ to make their products work with Vista.

"This first set of draft Windows Vista APIs have been designed to help security [vendors] extend certain functionality in the Windows kernel on 64-bit systems, without disabling or weakening the protection offered by kernel patch protection," said Toulouse. "We're working to deliver well-architected APIs that enable the security vendors to continue delivering feature-rich security solutions without undermining the security, reliability or stability of the Windows kernel."
Click to expand...

http://www.eweek.com/article2/0,1759,2075846,00.asp?kc=EWRSS03129TX1K0000614

Log in or Sign up

Microsoft releases PatchGuard APIs

ronjor Global Moderator

Rasheed187 Registered Member

Notok Registered Member

ronjor Global Moderator

Rasheed187 Registered Member

Log in or Sign up

Microsoft releases PatchGuard APIs

ronjor Global Moderator

Rasheed187 Registered Member

Notok Registered Member

ronjor Global Moderator

Rasheed187 Registered Member

Useful Searches