Igor Pankov, product marketing manager for security firm Agnitum has posted quite an in-depth post which dispels the top six 64-bit Windows Kernel Patch Protection (KPP) myths.  Here are the myths that the post tries to dispel:

• Microsoft has always discouraged and objected to the use of undocumented kernel modifications and always called on the ISVs to abandon the practice of kernel access and use other development tools designed by Microsoft instead.
• Microsoft is offering ISVs all necessary instruments; it never wanted to stifle competition. Besides, KPP in not new, and is meant to lock the kernel from bad guys’ access only.
• Vista with KPP is already more secure than any other version of Windows; even if kernel access were to be granted to the selected ISVs, this won’t improve the situation and could well worsen it. We’ll provide all necessary support through the provision of other tools such as APIs and mini-filters.
• KPP is flawless, it will kill malware at the core! KPP is meant to reinforce all 64-bit Windows at once.
• Microsoft doesn’t resort to kernel patching, it uses documented solutions to protect its customers.
• Microsoft cannot provide exceptions to Kernel Patch Protection for known good software. Besides, the process of distinguishing the good from the bad is too burdensome to MS.

I'm really not sure where this whole KPP thing is going to end up - I'm just glad that I'm not planning on running 64-bit Windows.

Technorati Tags: Kernel Patch Protection, KPP

This entry was posted on Friday, November 10th, 2006 at 21:17 and is filed under PC Doctor's Thoughts, PC Doctor's Useful Links, Stay Secure. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.