Microsoft to Enhance Windows Security by Moving Key Software Out of Kernel
The decision follows the CrowdStrike incident and aims to improve system resilience and prevent future global outages.
- Microsoft hosted the Windows Endpoint Security Ecosystem Summit with vendors and government officials to discuss enhancing Windows security.
- The CrowdStrike outage in July, caused by a faulty update, highlighted the risks of kernel-level access for security software.
- Microsoft plans to develop new platform capabilities allowing security solutions to operate outside of Windows kernel mode.
- Key challenges include ensuring performance, anti-tampering protections, and maintaining security while moving software out of the kernel.
- Security vendors and industry experts have generally supported the initiative, emphasizing the need for collaboration and best practices.