Microsoft has come under fire for quietly releasing a fix to its controversial PatchGuard kernel protection software in order to improve the performance of its Virtual Server 2005 product. PatchGuard is a much-touted security addition to Windows Vista that restricts access to the Windows kernel, making it harder for hackers to run nasty software such as rootkits. But it has also broken some legitimate software programs, leading to complaints from software vendors including Symantec and McAfee. Microsoft beefed up PatchGuard, which also ships with 64-bit versions of Windows XP and Server 2003, last July, according to Stephen Toulouse, senior product manager with Microsoft"s security technology group. But one of the changes Microsoft introduced at that time harmed the operating system"s ability to take advantage of Advanced Micro Devices (AMD) virtualization technology. As a result, Virtual Server 2005 couldn"t work properly on AMD systems. In September, Microsoft published a "hotfix" patch that corrected the problem.
Microsoft has rolled the fix into the 64-bit version of Vista, but the only place it has notified users of the hotfix is on a Virtual Server 2005 documentation page, prompting one security researcher to cry foul, and say that Microsoft has violated its own policy on making exceptions to PatchGuard"s kernel restrictions, to the benefit of its own product. Microsoft has had to be careful about permitting changes to PatchGuard, as any changes it makes to the software could possibly become a new avenue of attack for hackers. Initially, the software giant said it would not make any exceptions to PatchGuard"s restrictions, but in September, security vendors asked Microsoft for a way to get around PatchGuard, arguing PatchGuard would ultimately make their software less secure.