Microsoft to make major Windows security changes following CrowdStrike-induced outage

Microsoft is taking steps to overhaul its Windows security architecture, following a CrowdStrike update that led to a widespread outage. The company plans to move third-party security vendors outside the Windows kernel, a core component of the OS, to improve resiliency and prevent future system crashes.

Microsoft is making significant security changes to the Windows operating system following a recent CrowdStrike update that led to a global Windows outage. The update, which impacted millions of devices and disrupted businesses, raised concerns about the dangers of kernel access by third-party security vendors. In response, Microsoft plans to revise its OS architecture to minimize such risks.

The Windows kernel is the core of the operating system, with direct access to system memory and hardware. Errors in the kernel, even minor ones, can cause severe system-wide crashes, as seen in the CrowdStrike incident. Microsoft’s response aims to prevent future occurrences by moving security vendors, including CrowdStrike, outside of the Windows kernel. This initiative seeks to improve the OS’s resiliency while maintaining high levels of security for users.

David Weston, Microsoft’s VP of Enterprise and OS Security, explained the move, stating, “Both our customers and ecosystem partners have requested that Microsoft offer enhanced security features outside of kernel mode.” This change is a proactive measure aimed at reducing vulnerabilities and preventing future outages by restricting third-party access to such a critical system component.

Microsoft is collaborating with major security companies like CrowdStrike, Broadcom, Sophos, and Trend Micro to develop a new platform that will meet vendors’ needs without compromising system performance. This collaboration, announced during a recent Microsoft security summit, emphasizes a more resilient and open Windows endpoint security ecosystem.

CrowdStrike, one of the key players in the discussions, also weighed in on the changes. Drew Bagley, VP and Counsel of Privacy and Cyber Policy at CrowdStrike, remarked, “We value the chance to participate in these crucial discussions with Microsoft and industry leaders on how to collaborate effectively in creating a more resilient Windows security ecosystem that enhances protection for our shared customers.”

While Microsoft has not officially confirmed whether it will fully restrict kernel access, its active engagement with security firms suggests that major changes are on the horizon to fortify Windows’ security infrastructure.