Sophos claims McAfee and Symantec poorly prepared for Vista
The frank exchange of views over access to the kernel using a Vista API is starting to get a little bizarre. Now anti-virus software manufacturer Sophos has come out on the side of Microsoft and accused competitors of failing to prepare adequately for Vista. Kaspersky has also recently commented that it was unable to identify any obstruction on the part of Microsoft.
According to Sophos, it has long been clear that the 64-bit version of Vista would be equipped with a kernel protection function. McAfee and Symantec have, however, neglected to give due consideration to adapting their products. This is why they are now getting into difficulties with Vista's host intrusion prevention (HIPS). "Symantec and McAfee may be struggling with HIPS because they haven't coded their solutions with high-spec Vista in mind," explained Richard Jacobs, CTO of Sophos. Microsoft has already provided all the interfaces required to allow products to integrate with Vista.
Nevertheless, Jacobs confirmed that protective features such as PatchGuard present certain problems for some other manufacturers' security products in working with Vista, because they are no longer able to gain direct access to the kernel. However, the extra protection provided makes up for this shortcoming. In Sophos' opinion, other manufacturers should simply accept PatchGuard rather than working against it. They have taken a different approach to running under Vista - they detect the initial attempt to infect a computer and do not wait to start fighting it until an infection has been successful. They can therefore assure their customers that their anti-virus software will still offer complete protection under the 64-bit version of Vista.
Meanwhile Symantec is trying to stir up support in the Apple community. The anti-virus manufacturer warns in a press release that Macs are increasingly becoming the target of viruses and hackers. The number of security vulnerabilities has more than tripled from 19 in 2004 to 72 in 2006. Earlier this year McAfee diagnosed a sharp increase in the number of vulnerabilities in MAC OS X. Although to date no malware for MAC OS X has achieved a large presence, this is due to programming errors by the authors of the viruses and Apple's still small market share. It is easy to find exploit code for Macs on the internet and it is therefore likely that Mac OS X will soon be plagued by the same problems as Windows - botnets, spyware, spam and DDoS attacks.
- Symantec and McAfee should have prepared better for Microsoft Windows Vista, press release from Sophos
- Microsoft: McAfee's criticism of Vista inaccurate and inflammatory
- Microsoft creates Vista APIs for security firms