Why Microsoft is wrong on Vista security


...Dropping down to the core of the operating system, we see that Microsoft has implemented PatchGuard as a means of preventing access to kernel services that classically have been allowed and available in all previous versions of Windows.

In a nutshell, PatchGuard crashes the computer when it detects that specific internal data structures have been "hooked," which is a common way that malicious software starts doing its damage.

However, the good advanced features of behavioral detecting and intrusion protection software also work this way. So by attempting to lock out the bad guys, PatchGuard is also blocking advanced security features from working, and the user is much less secure. Why Microsoft is wrong on Vista security | Tech News on ZDNet

Linked by shanmuga Tuesday, 10th October 2006 2:58AM