Windows Vista’s Patch Guard / Kernel Protection feature will only ship with 64 bit versions of Windows Vista

There’s been a great deal of speculation and debate in the Press and online regarding Windows Vista (and Server 2003)’s Patch Guard feature. The name’s a little misleading as many people associate the word “patch” purely with legitimate software updates whereas this feature is to prevent unauthorised modification to the kernel.

Many existing security products modify the kernel to insert their own hooks – on Windows Vista PatchGuard will prevent such modifications HOWEVER it’s only going to be present on 64 bit versions of Windows Vista (and Server 2003 SP1) AND we’re publishing APIs to enable third party (and Microsoft) security products to continue to integrate with the kernel and add value as they do today.

Clearly 64 bit systems will become the de facto in the next few years but currently the vast majority of existing systems (running Microsoft Windows) are 32 bit.

If you’d like to learn more about PatchGuard then an earlier post of mine provides more details. There’s a white paper due soon – I’ll post it’s location when it’s published.

Comments (1)

  1. Mark Osborn says:

    Jesper has a nice write up regarding the implications of Patch Guard and the row which appears to be brewing up involving Symantec and McAfee here:

    I read the recent comments from McAfee a few days ago and couldn’t help feeling at the time that it was just a case of ‘sour grapes’…I’d imagine we’re going to see a fundamental change in the way 3rd Party vendors apply their security products to Windows
    in the future!