Security vendor circumvents Windows Vista's Patchguard

By

Security researchers with Authentium have found a way to circumvent the Patchguard security technology that Microsoft has built into the 64-bit version of its forthcoming Windows Vista operating system.

Security vendor circumvents Windows Vista's Patchguard
The Patchguard technology over the past months has been subject of a fierce debate between security vendors and Microsoft because it prevents some anti-virus software from functioning.

Facing potential penalties from anti trust authorities in Korea and the EU, Microsoft earlier this month promised to provide application programming interfaces (APIs) that would allow third party security products to properly function in Windows Vista. It may take years however before these APIs will be published and fully functioning.

Authentium's technology allows an application to effectively disable Patchguard. The company decided to develop the tool because it required kernel access for its VirtualATM product that is slated for release in December.

The company in a blog posting argued that providing kernel access to third party websites will enable future security innovations.

"This is about enabling innovative new technologies and countering new emerging threats and criminal strategies. If new security innovations are not encouraged, consumers will lose out."

"If we (the good guys) can gain access to the Vista kernel, so can sophisticated, well-financed hackers. These days, most hackers are exactly that - sophisticated and well-financed. We implore Microsoft not to 'go it alone' in security."

Microsoft however said that it won't tolerate outside developers to circumvent its technology features and plans to issue a patch to block Authentium's technique.

"If a vulnerability is discovered in Kernel Patch Protection, Microsoft will issue a security update as part of the standard Microsoft Security Response Center process," the company said in an emailed statement.

"Microsoft strongly recommends that software vendors not attempt to bypass Kernel Patch Protection. This has the potential of destabilising and crashing customer systems, particularly in cases where Kernel Patch Protection is enhanced and updates are delivered to customers."

Microsoft stressed that it will provide APIs that will offer functionality similar functionally to what developers had in other Windows versions.
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
circumventspatchguardsecurityvendorvistaswindows

Sponsored Whitepapers

Futureproof Your Business with Datacom and AMD: Seamless Windows 11 Transition
Futureproof Your Business with Datacom and AMD: Seamless Windows 11 Transition
See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Diamond IT Delivers GRC Transformation with Microsoft Purview
Diamond IT Delivers GRC Transformation with Microsoft Purview
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks

Events

Most Read Articles

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound
Australia's super funds told to assess authentication controls

Australia's super funds told to assess authentication controls
Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies
The Northern Beaches Women's Shelter hones focus on tech-enabled abuse

The Northern Beaches Women's Shelter hones focus on tech-enabled abuse
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?