McAfee Warns Against Vista Security Features

NEW YORK– McAfee top executives went on the offensive Monday against Microsoft, saying Vista will be even less secure for customers than previous versions of Windows. The day after McAfee took out a full-page advertisement in the Financial Times to publicly air its grievances over the security of Vista, McAfee Chair and CEO George Samenuk, Vice President and Chief Scientist George Heron, and Chief Security Architect John Viega delivered the same message in person here.“We are disturbed by the fact that with Vista, end customers will be less secure,” Samenuk said. “Customers trust us… To erode that trust would hurt all Internet users, all PC users. I don’t think Microsoft wants that, nor does McAfee want that.”

Limits System Access

Two security elements in Vista fare chief among McAfee’s concerns, executives said.

In Vista, Microsoft is locking down the kernel of the OS through a feature called PatchGuard on 64-bit versions. Microsoft’s argument is that this will keep miscreants out of the OS and prevent the incidence of attacks, and it is something for which customers have been asking.

“Fooling around with the kernel while it’s running is like changing the sparkplugs on your car when the engine is running,” said Stephen Toulouse, a senior product manager at Microsoft. “It’s never been a good thing for users.”

But the McAfee officials say that since PatchGuard also prevents third-party security companies from getting inside the OS, Vista prevents them from activating crucial security measures in their own software to protect the OS from intruders.

// October 4th, 2006