Microsoft Windows Changes Kernel Security Following CrowdStrike Incident
Enhanced Security Measures in Microsoft Windows
Microsoft on Thursday revealed plans to fortify Windows against incidents linked to security firms, prompted by the severe CrowdStrike outage earlier this year that took down millions of Windows machines for over a day. During a security summit, Microsoft committed to helping these security providers adapt their tools to function outside of Windows kernel mode, which typically grants elevated system access.
Reassessing Kernel-Level Access
At its recent Windows Endpoint Security Ecosystem Summit, Microsoft emphasized the development of new capabilities that will enable security applications to deliver enhanced features without operating within the Windows kernel. This shift aims to improve the overall security of the operating system.
- Kernel-level security solutions carry risk if their updates are not properly configured.
- Deprecating kernel-level access can improve resilience against failures like the CrowdStrike incident in July.
- Microsoft has committed to collaborating with the ecosystem toward a more secure Windows environment.
Microsoft acknowledged the complexity of letting security vendors continue to provide robust features while minimizing the risks associated with kernel access. The company will prioritize performance and protection measures in the next steps of these enhancements.