Microsoft caves to pressure over Vista security

In recent months Microsoft has refuted accusations from security vendors like Symantec Corp. and McAfee Inc. that it was developing Windows Vista in a way that would lock out third-party security products. But now it seems the software giant is caving to the pressure.

Microsoft said Friday it will make some code modifications so third-party security vendors can access Vista's core, something the vendors say is necessary if they are to develop products that work effectively with the operating system.

The company is also making adjustments to quell antitrust concerns coming from the European Commission, Microsoft General Counsel Brad Smith said in a statement. Smith confirmed that the company has also incorporated changes to Windows Vista in South Korea to comply with legal obligations there. Europe and South Korea have long voiced concern that Microsoft would stifle competition by baking its own software into Vista. A move that antitrust regulators complained would put people off buying rival products.

"We recognize that the European Commission does not give 'green lights' for new products, and we have not asked for one," Smith said. "We appreciate the constructive dialogue we have had with the commission and the guidance the commission has provided. Based on this guidance, we have made changes to ensure that we're in compliance with our competition law obligations, and we are moving forward to make Windows Vista available on a worldwide basis."

Executives at Symantec Corp. and other security vendors have expressed fear that some of Vista's security technology will make it harder for them to build products that protect customers. One of their concerns is that Vista's PatchGuard feature, designed to prevent malicious people from accessing the kernel, among other things, will also prevent any security software other than Microsoft's from functioning on a user's PC.

Microsoft security manager Stephen Toulouse tried to calm those fears in an interview with SearchSecurity.com last month, promising that users would be able to disable its security features if they wish to use security tools from another vendor, as long as the Vista security features were re-enabled in the event a user removed the third-party tools.

Microsoft took that a step further late last week, saying it will create additional codes called APIs so rival vendors can access the operating system's core and, as a result, write effective security software.

Vendors have scrambled to keep up with the software giant, which has moved aggressively into the security market in recent years with offerings like the firewall in Windows XP Service Pack 2 (SP2), as well as an antispyware and malware removal tool that's updated each month. More recently, Microsoft rolled out Windows Live OneCare, which combines antivirus, antispyware and firewall capabilities into one tool.

The long-delayed Windows Vista is expected to be released to large enterprises in November and to the general public in January. Microsoft proudly demonstrated those features at the Black Hat USA 2006 conference in Las Vegas in August.

Material from Reuters was used in this report.