Little did Rich Skrenta realise in 1982 that his teenage prank, the Elk Cloner virus, would spawn a multi-billion-pound industry built on the back of security loopholes in Microsoft's operating systems. Now the malware-eradication industry is a behemoth, with antivirus, anti-spam, anti-spyware and other assorted tools regarded as indispensable on a modern network-attached Windows PC.
The nature of the threats has evolved over the years, from simple code that would replicate itself by infecting the boot sector of disks, to sophisticated trojans, keyloggers and increasingly clever tricks that now make the management of a business computing environment a thoroughly miserable task.
So when there's an advance from Microsoft that seals up some long-standing basic Windows security holes, it should be a cause for celebration. One such advance came in 2003, when Microsoft launched the first versions of Windows to support Intel and AMD processors with 64bit extensions. One major change it made was to lock down the kernel to prevent it being modified or extended by third-party software.
For Vista, this technology is called PatchGuard, and it has been the subject of some bizarre claims from security vendors McAfee and Symantec. Summed up as a headline, it would read "Security vendors complain that Vista is too secure".
It turns out that security vendors have become used to hooking their software deep into the Windows kernel to detect malware. Microsoft doesn't condone this but can't do anything about it without requiring vendors to rewrite their software from the ground up. But with Windows x64, the situation is a bit different.
PatchGuard is not really a security measure. Indeed, Joanna Rutkowska, a security researcher for Singapore-based Coseinc, has demonstrated a way around it. But even she sees the point of PatchGuard: if no program is allowed to legally patch the kernel, then anything that tries is up to no good and can be dealt with. It actually makes the job of security programs easier, she says on her blog.
For the moment it looks as if Microsoft is standing its ground. McAfee is making a big fuss about "customer choice", but as a customer, I want an operating system that's as secure as possible without having to spend more money to plug the holes.
While not perfect, 64bit Windows at least gives us a chance to get away from some of the worst flaws of the 32bit versions. But if Microsoft caves in to the "special pleading", it will be an opportunity thrown down the drain.






