Categories: PCSecurityWorkspace

Infosec: Antivirus Vendors Fret Over Microsoft’s Closing Windows

A number of antivirus vendors have raised concerns over Microsoft’s increasingly “closed” attitude to its Windows operating system.

When asked what was on his list of concerns for the year, Catalin Cosoi, chief security researcher at BitDefender pointed to Microsoft’s OS, saying “Windows is continuing the trend of providing less and less access to their kernel – they’ve been doing that with Windows 7 and they will do the same with Windows 8”.

“However, it is a product that is being launched this year, it is going to have flaws, it is going to have zero-day vulnerabilities,” Cosoi told TechWeekEurope, suggesting Microsoft’s closed attitude to its OS kernel would, to some extent, harm the security of Windows.

An Apple-esque move?

“I think they are going in the same direction as Apple and Android, they are trying to close down because that is how they consider they can make a safer environment.”

If a vendor does not open up access to an OS kernel, or restricts it, it can make it more difficult for third-party security providers to make workable antivirus applications.

Panda Security’s Luis Corrons pointed to “the deprecation of some networking technologies like TDI (Transport Driver Interface) or NDIS (Network Driver Interface Specification), in favour of the Windows Filtering Platform (WFP), so that vendors will need to adapt their firewalls for instance to work with WFP if they want to get certified”. TDI and NDIS are packet filtering technologies that Microsoft is hoping to phase out.

“It is true that Microsoft is becoming more restrictive than in the past. How far they go with the approach is not yet clear to us,” Corrons added.

Jacques Erasmus, chief information security officer at Webroot, said he thought issues with APIs in Windows 8 might give some vendors “problems” in making their software work effectively on the OS.

But Erasmus said most of the changes in Windows 8 “are for the better”. “For instance if your AV is expired, it will force you to actually have one installed, otherwise you won’t be able to log in,” he noted.

Windows 8 Metro apps also have a restricted security context, meaning users can alter the access they have to system resources.

Eugene Kaspersky, CEO of Kaspersky, said the fact that Windows was changing its APIs for gaining access to lower levels of Windows made life a little trickier for AV vendors, but it did not bother him as the Russian firm’s products would still work just as well on the next iteration of the OS. “It is a little problem, because the engineers have to change their minds a little bit, they have to adapt themselves to the new environment,” he said.

A Microsoft spokesperson noted how the the Windows maker was playing a big part in the security community, but did not comment on the issue of closing off access to the operating system’s kernel.

“Microsoft is committed to fostering collaboration and coordination among key players in the security and IT industry through a variety of ongoing programs such as the Microsoft Active Protections Program (MAPP), the Microsoft Vulnerability Research (MSVR) coordinated disclosure program, and many cross-industry legal and technical initiatives to help defend against ever-evolving online criminal threats,” the spokesperson told TechWeekEurope.

“We also participate in dozens of security conferences and symposia annually where we work closely with the security community. Together, we assess threats, share information and provide guidance to help protect customers and make a positive impact on the broader security ecosystem.”

Think you know security? Test yourself with our quiz!

Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

Recent Posts

Is the Digital Transformation of Businesses Complete?

Digital transformation is an ongoing journey, requiring continuous adaptation, strong leadership, and skilled talent to…

18 hours ago

Craig Wright Faces Contempt Claim Over Bitcoin Lawsuit

Australian computer scientist faces contempt-of-court claim after suing Jack Dorsey's Block and Bitcoin Core developers…

19 hours ago

OpenAI Adds ChatGPT Search Features

OpenAI's ChatGPT gets search features, putting it in direct competition with Microsoft and Google, amidst…

19 hours ago

Google Maps Steers Into Local Information With AI Chat

New Google Maps allows users to ask for detailed information on local spots, adds AI-summarised…

20 hours ago

Huawei Sees Sales Surge, But Profits Fall

US-sanctioned Huawei sees sales surge in first three quarters of 2024 on domestic smartphone popularity,…

20 hours ago

Apple Posts China Sales Decline, Ramping Pressure On AI Strategy

Apple posts slight decline in China sales for fourth quarter, as Tim Cook negotiates to…

21 hours ago