Security researchers with Authentium have found a way to circumvent the Patchguard security technology that Microsoft has built into the 64-bit version of its forthcoming Windows Vista operating system.
Authentium's technology allows an application to effectively disable Patchguard. The company decided to develop the tool because it required kernel access for its VirtualATM product that is scheduled for release in December.
In a blog posting the company argued that providing kernel access to third party websites will enable future security innovations.
"This is about enabling innovative new technologies and countering new emerging threats and criminal strategies. If new security innovations are not encouraged, consumers will lose out."
"If we (the good guys) can gain access to the Vista kernel, so can sophisticated, well-financed hackers. These days, most hackers are exactly that – sophisticated and well-financed. We implore Microsoft not to 'go it alone' in security."
Microsoft however said that it will not tolerate outside developers circumventing its technology features and plans to issue a patch to block Authentium's technique.
Microsoft stressed that it will provide APIs to offer functionality similar to that which developers had in other Windows versions.
broken so soon...