Steve Ballmer has pitched into the row over Microsoft's willingness to cough up vital Windows Vista APIs for partners to lock down the operating system against attack.
The Microsoft CEO said his company had done everything necessary to help security partners and to get Windows Vista out on time in Europe next month. He added he doesn't know anything about specific allegations made by vendors such as McAfee.
His words come as McAfee and Symantc, both said Microsoft had not gone far enough in releasing Windows Vista security APIs. Symantec claims the problem lies in defining which Windows Vista APIs are exactly ”available.”
With the clock ticking on Windows Vista's release, McAfee, Symantec and others have gone public in airing their grievances, saying that Microsoft has denied full access to the Windows Vista kernel. Instead, they must work though PatchGuard, which grants only partial access.
Last week, Microsoft announced two updates to Windows Vista's security in response to prodding from European Union anti-trust officials concerned about the operating system's potential effect on the competition. The Windows Vista Security Center will now not send security alerts to users who have installed security consoles from rivial security companies. Additionally, Microsoft claimed to have devised a "new security approach", allowing access to the kernel but retaining PatchGuard.
These changes, plus concessions in the browser upgrade process and an agreement to submit Microsoft's Adobe PDF rival XML Paper to a standards body (our money’s on Microsoft favorite - the European Computer Users Association) led Microsoft's top legal eagle Brad Smith to conclude: "We feel that we can move forward [with Windows Vista] in compliance with EU law."
Microsoft watchers, though, will be more than familiar with the company's policy of taking a drip-drip approach to releasing clear documentation on Windows APIs, with information only released either as a last resort or under pressure from judges.®