Re: Security Vendor Bypasses Microsoft's Vista PatchGuard

[Blue Boar <BlueBoar () thievco com>]

Fergie wrote:
> Microsoft officials say they are unhappy that security software maker
> Authentium has decided to bypass the controversial PatchGuard kernel
> protection feature in its next-generation Vista operating system, and
> said that the tactic could lead to eventual problems for users of the
> company's software.
>
> Responding to Authentium's move to circumvent PatchGuard in its
> products, company officials said that the decision to hack the feature
> could prove unwise for the security vendor as Microsoft will work to
> close off any flaws that allow unauthorized kernel interaction, making
> technologies dependent on such access obsolete.

"That's some nice software you have there.  Be a real shame if something 
happened to it." ;)

And this is a nice example of why it's not realistic for security 
software to use the same methods as malware for kernel access, and why 
they need an officially-supported API.

                                        BB
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.