Particle.news

Microsoft to Enhance Windows Security by Moving Key Software Out of Kernel

The decision follows the CrowdStrike incident, aiming to improve system resilience and prevent future global outages.

Overview

  • Microsoft hosted the Windows Endpoint Security Ecosystem Summit with vendors and government officials to discuss enhancing Windows security.
  • The CrowdStrike outage in July, caused by a faulty update, highlighted the risks of kernel-level access for security software.
  • Microsoft plans to develop new platform capabilities allowing security solutions to operate outside of Windows kernel mode.
  • Key challenges include ensuring performance, anti-tampering protections, and maintaining security while moving software out of the kernel.
  • Security vendors and industry experts have generally supported the initiative, emphasizing the need for collaboration and best practices.