Microsoft Plans to Make Windows More Resilient to CrowdStrike-Like Incidents via New Platform
Microsoft plans to move security vendors outside the Windows kernel in order to improve the security of its operating system.
Written by David Delima | Updated: 13 September 2024 14:06 IST
Highlights
Microsoft plans to improve security on Windows via a new platform
The new platform will allow security vendors to retain functionality
The announcement was made at a security summit hosted by Microsoft
Microsoft currently allows security vendors to gain kernel-level access
Microsoft on Thursday announced plans to make Windows more resilient to incidents caused by security firms, such as the global outage caused by CrowdStrike earlier this year that took millions of Windows computers offline for more than a day. At a security summit hosted by the company, the Windows maker said it would assist these security vendors in modifying their solutions to operate outside kernel mode on Windows. Kernel mode provides an elevated level of access to the system along with more advanced functionality.
In a statement issued after its recently concluded Windows Endpoint Security Ecosystem Summit, Microsoft said that it discussed the creation of new platform capabilities on Windows that would enable security vendors to offer more features outside of the Windows kernel, which in turn would improve security on the operating system.
Existing security solutions for Windows involve the use of software that runs at the Windows kernel level, which provides these apps with a greater degree of access to the system compared to regular applications. They can also scan other apps that are loaded into memory in order to intercept security threats or modify system files if necessary.
While kernel-level access offers benefits for security vendors, a badly configured software update, such as the one rolled out by CrowdStrike in July that led to a massive global outage, can adversely affect systems. In order to keep customers' devices protected from these incidents, Microsoft would need to make sure these security vendors operate outside the Windows kernel.
At Microsoft's security summit, the company discussed the requirements of security vendors and the key challenges to implementing a more secure Windows environment, while allowing these firms to continue offering security features. These include potential performance issues and challenges outside kernel mode, sensor requirements, and anti-tampering protection, according to the Windows maker.
"As a next step, Microsoft will continue to design and develop this new platform capability with input and collaboration from ecosystem partners to achieve the goal of enhanced reliability without sacrificing security," Microsoft said on Thursday.