A number of antivirus vendors have raised concerns over Microsoft’s increasingly “closed” attitude to its Windows operating system.
When asked what was on his list of concerns for the year, Catalin Cosoi, chief security researcher at BitDefender pointed to Microsoft’s OS, saying “Windows is continuing the trend of providing less and less access to their kernel – they’ve been doing that with Windows 7 and they will do the same with Windows 8”.
“However, it is a product that is being launched this year, it is going to have flaws, it is going to have zero-day vulnerabilities,” Cosoi told TechWeekEurope, suggesting Microsoft’s closed attitude to its OS kernel would, to some extent, harm the security of Windows.
“I think they are going in the same direction as Apple and Android, they are trying to close down because that is how they consider they can make a safer environment.”
If a vendor does not open up access to an OS kernel, or restricts it, it can make it more difficult for third-party security providers to make workable antivirus applications.
“It is true that Microsoft is becoming more restrictive than in the past. How far they go with the approach is not yet clear to us,” Corrons added.
Jacques Erasmus, chief information security officer at Webroot, said he thought issues with APIs in Windows 8 might give some vendors “problems” in making their software work effectively on the OS.
But Erasmus said most of the changes in Windows 8 “are for the better”. “For instance if your AV is expired, it will force you to actually have one installed, otherwise you won’t be able to log in,” he noted.
Windows 8 Metro apps also have a restricted security context, meaning users can alter the access they have to system resources.
Eugene Kaspersky, CEO of Kaspersky, said the fact that Windows was changing its APIs for gaining access to lower levels of Windows made life a little trickier for AV vendors, but it did not bother him as the Russian firm’s products would still work just as well on the next iteration of the OS. “It is a little problem, because the engineers have to change their minds a little bit, they have to adapt themselves to the new environment,” he said.
A Microsoft spokesperson noted how the the Windows maker was playing a big part in the security community, but did not comment on the issue of closing off access to the operating system’s kernel.
“Microsoft is committed to fostering collaboration and coordination among key players in the security and IT industry through a variety of ongoing programs such as the Microsoft Active Protections Program (MAPP), the Microsoft Vulnerability Research (MSVR) coordinated disclosure program, and many cross-industry legal and technical initiatives to help defend against ever-evolving online criminal threats,” the spokesperson told TechWeekEurope.
“We also participate in dozens of security conferences and symposia annually where we work closely with the security community. Together, we assess threats, share information and provide guidance to help protect customers and make a positive impact on the broader security ecosystem.”
Think you know security? Test yourself with our quiz!
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…