Security threats Toolkit

McAfee and Microsoft tangle over Vista security

Tags:
Antivirus

Tom Espiner ZDNet.co.uk

Published: 03 Oct 2006 14:20 BST

... if their firewall, virus protection and other security tools need attention. The version in the Vista update, set for broad release in January, will add new categories and management tools.

Last month, Symantec claimed that Microsoft's policy could endanger users, as people who choose to use Microsoft's console alone will get a limited view of their Vista PC protection.

However, Microsoft has hit back, arguing that these large vendors are complaining about Windows Security Center because they are afraid it could help their smaller security rivals to compete with them on the desktop.

According to Adrien Robinson, director of the security technology unit at Microsoft, the Security Center updates could drive more business to smaller security firms.

"Microsoft becomes a second voice to customers, enabling them to look at other solutions. Security Center can help smaller software vendors by letting customers know they can update software," said Robinson.

One channel used by large antivirus vendors is to get their software pre-installed on machines sold by original equipment manufacturers (OEMs). This software typically runs for a trial period, after which users are prompted with alerts to update the antivirus software.

Microsoft claims smaller independent software vendors (ISVs) don't have deals with OEMs such as Dell, and that Security Center can prevent bigger software vendors unfairly influencing customers.

"Smaller ISVs such as F-Secure don't have an agreement with Dell," said Robinson. "Bigger vendors don't want any other vendor involved once they have an OEM relationship. There's the rub. It's about striking a balance between them."

"The big vendors have a financial relationship with OEMs, but what if a customer wants to use Rising Sun in China or Grisoft [free antivirus software]?" Robinson added.

But Symantec reacted strongly to Microsoft's claim that Security Center would provide customers with more options.

"That's wrong — there is no choice," said John Brigden, Symantec senior vice president for Europe. "Windows Security Center is foisted upon the user with confusingly similar and incomplete information. The security measures in Vista will decrease security if people are driving two dashboards."

"Customers will follow Microsoft products, and endorsed security products that come through Security Center," Brigden told ZDNet UK. "Even though Microsoft is a monopolist, it shouldn't decide the view of the platform."

However, Microsoft alleged that Symantec's products try to disable the alerts generated by Security Center, rendering the console invisible to customers.

"All the big vendors like Symantec and McAfee try to disable alerts and hide Security Center," said Robinson. "[In which case] Windows Security Center is invisible to customers as long as they have an up-to-date firewall and antivirus".

A Microsoft spokesman also denied McAfee's earlier claim that this was the first time a security vendor had been cut off from the core of a Microsoft operating system, saying that security vendors had not been granted access to the core of the 64-bit version of XP.