Microsoft is making key changes to Vista to avoid antirust problems.
They’re adding an API to PatchGuard, and loosening control on the Security Center.
From the ZDNet article:
In another change, Microsoft had planned to lock down its Vista kernel in 64-bit systems, but will now allow other security developers to have access to the kernel via an API extension, Smith said. Additionally, Microsoft will make it possible for security companies to disable certain parts of the Windows Security Center when a third-party security console is installed, the company said. … Microsoft will provide a way to ensure that Windows Security Center will not send an alert to a computer user when a competing security console is installed on the PC and is sending the same alert, the company said.
Opening the kernel through a secure API is a reasonable idea- not as secure as a complete lockdown, but it does enable some valuable security tools outside of antivirus and host intrusion prevention that would have been locked out (like activity monitoring). MS would have had to do this eventually.
I’m not as thrilled with the Security Center change- I want the operating system itself to warn me when core security functions are changing.
In both cases I hope code signing will be required to limit hacker exploitation of these functions, but I doubt MS will be allowed to enforce it.