Last month, McAfee placed a full-page advert in the Financial Times, proclaiming that Microsoft's new Vista operating system will make it more difficult for security firms to protect customers because they have been denied access to the core of the OS. The ad read: "Microsoft is being completely unrealistic if, by locking security companies out of the kernel, it thinks hackers won't crack Vista's kernel. In fact, they already have."
Microsoft has made great strides towards better securing the OS. However, there remains a need for third-party security vendors, particularly with access to the OS kernels, to develop the most robust and necessary protection mechanisms to thwart the exploitation of what are sure to be highly obfuscated vulnerabilities that only the best security researchers will ever find.
Thus, while Vista is more secure, it is by no means the end-all, be-all of a "security conscious" platform. Security vendors spend a lot of time and resources focusing entirely on security. It's imperative that Microsoft continues to work closely with its security partners and allows them to develop solutions designed for the core of what's sure to be a revolutionary step in Windows evolution.
Sunil James, product manager, ASERT, Arbor Networks.