Security firms wait for Microsoft's PatchGuard response

18.10.2006

At best, such APIs will allow security vendors only to continue delivering the functions they currently have in products meant for 64-bit Vista environments, he said. But as long as Microsoft continues to prevent kernel access via PatchGuard, there's going to be a "chilling effect" on innovation in the security market, Trollope said.

That's because vendors will need to wait for Microsoft to release new APIs each time they want to implement any new security functionality that involves kernel patching, McAfee's Heron said.

As a result, the best approach for Microsoft to take is to allow kernel-level access to qualified security vendors, he said. Microsoft has done this with 32-bit Windows platforms, and there's little reason to change that policy now, Heron said.

"We are not disagreeing with PatchGuard policy," Trollope added. "But Microsoft needs to provide an exception for security vendors with signed drivers to patch the kernel. We are not saying let everyone in."

Until that time, Microsoft's talk about PatchGuard APIs is little more than a "giant red herring" that makes it appear that the company is cooperating with security vendors, said Alex Eckelberry, president of Sunbelt Software, a Clearwater, Fla.-based security vendor. "The problem is there are no documented or undocumented APIs for some functions," Eckelberry said. "The only way to implement it is to go in and modify the kernel."