Microsoft strengthens Windows security to prevent future IT outages
What's the story
Microsoft is set to introduce changes to its Windows operating system, aimed at enabling security vendors like CrowdStrike, Sophos, Broadcom, and Trend Micro to function outside the Windows kernel.
This decision was made public during a recent security summit held at Microsoft's Redmond headquarters.
The move follows the disastrous CrowdStrike incident in July that affected 8.5 million Windows PCs due to a faulty update that triggered a Blue Screen of Death (BSOD) upon system startup.
Preventive measures
Strategy to prevent future security incidents
The CrowdStrike incident has sparked a debate about access to the Windows kernel, leading Microsoft to consider changes that would enhance system resilience.
The company has hinted at plans to shift security vendors away from the Windows kernel, a move aimed at preventing similar incidents in the future.
However, this potential change has been met with resistance from both partners and regulators, who urge caution against unilateral decisions.
Collaboration
Collaborations with partners on new security platform
Microsoft has engaged with partners to discuss the requirements and challenges of developing a new platform that meets security vendors' needs.
David Weston, vice president of enterprise and OS security at Microsoft, stated that both customers and ecosystem partners have urged Microsoft to provide additional security capabilities outside of kernel mode.
This collaboration is part of an ongoing effort to design a reliable platform without compromising on security.
Industry feedback
Industry response to Microsoft's proposed changes
The proposed changes have been met with mixed reactions from the industry.
Sophos CEO Joe Levy and Trend Micro COO Kevin Simzer have expressed their support for Microsoft's initiative.
However, Cloudflare CEO Matthew Prince has voiced concerns about a potential scenario where only Microsoft can provide effective endpoint security.
Despite these differing views, there is a general consensus on the need for enhanced resilience and robustness in both Microsoft Windows and the endpoint security ecosystem.