Microsoft to Introduce New Windows Security Features Following CrowdStrike Incident

14/9/24

By: Bharti B. Hariyani

Aiming to enhance reliability without sacrificing security, Microsoft plans to move security vendors outside the Windows kernel.

In the wake of the CrowdStrike incident that impacted millions of Windows users, Microsoft has announced its plans to implement significant changes to Windows’ security architecture. These changes are aimed at improving system resilience by pushing security vendors like CrowdStrike out of the Windows kernel—a crucial part of the operating system that has unrestricted access to system resources.

During a security summit held at Microsoft’s headquarters in Redmond, Washington, the company discussed these upcoming modifications with major security vendors such as CrowdStrike, Broadcom, Sophos, and Trend Micro. The summit highlighted Microsoft's effort to create a more secure environment for endpoint security solutions, ensuring that such an incident doesn't happen again.

The CrowdStrike Incident: A Catalyst for Change

The CrowdStrike catastrophe occurred in July, when a faulty update to the company’s software, which operates at the kernel level, crashed 8.5 million Windows PCs and servers with the notorious Blue Screen of Death (BSOD). Kernel-level software is deeply embedded in the operating system, with direct access to memory and hardware, meaning that even a small mistake can cause widespread system failures.

In the months following the incident, Microsoft called for more resilient systems, with a clear goal of moving security vendors out of the kernel to prevent similar catastrophes. However, this potential change sparked debates, with partners and regulators pressuring Microsoft to be cautious in how it executes these changes.

Rebuilding Trust in Endpoint Security

At the summit, David Weston, Microsoft’s vice president of enterprise and OS security, emphasized that the company has been working closely with its partners to address the challenges of creating a new security platform. This platform would allow security vendors to operate without kernel-level access while maintaining the reliability and performance they require.

“Both our customers and ecosystem partners have called on Microsoft to provide additional security capabilities outside of kernel mode which, along with safe deployment practices, can be used to create highly available security solutions,” Weston said.

By moving security vendors out of the kernel, Microsoft aims to minimize system vulnerabilities. The company is also keen to incorporate anti-tampering protection and meet the performance demands of security vendors to ensure smooth functionality even outside the kernel.

Industry Reactions: A Mixed Response

While Microsoft’s plans to enhance the resiliency of Windows security have been welcomed by several security vendors, some industry leaders remain cautious. Sophos CEO Joe Levy expressed optimism, stating, “It was a welcome opportunity to join industry peers in an open discussion of advancements that will serve our customers by elevating the resilience and robustness of both Microsoft Windows and the endpoint security ecosystem.”

Trend Micro also praised Microsoft’s collaborative approach, with COO Kevin Simzer noting, “I applaud Microsoft for opening its doors to continue collaborating with leading endpoint security leaders.” Even CrowdStrike, at the center of this security shake-up, appreciated the transparency and dialogue, acknowledging the importance of building a more resilient Windows security ecosystem.

However, not everyone shares this optimism. Cloudflare CEO Matthew Prince voiced concerns about potential monopolistic control. Prince warned that while it’s understandable for Microsoft to secure its operating system, there’s a risk the company might grant its own security offerings exclusive or privileged access to the kernel, potentially squeezing out competitors in the endpoint security space.

Regulatory Scrutiny and the Path Forward

The fears raised by Cloudflare’s Prince aren’t without merit. Microsoft has already faced significant regulatory scrutiny in the past, and any changes to the way security vendors access the Windows kernel are likely to attract the attention of regulators in the US and Europe. Government officials were invited to the summit as Microsoft attempts to reassure stakeholders and ensure any changes remain transparent and equitable.

For now, Microsoft is treading carefully. The company is still in the early stages of designing this new security platform, with ongoing discussions with partners and regulators to ensure the changes enhance security without unfairly disadvantaging other vendors.

Looking Ahead: A New Era of Windows Security

The CrowdStrike incident served as a wake-up call for Microsoft and its partners. As the world becomes more reliant on cloud services and endpoint security, vulnerabilities within the Windows kernel pose significant risks. With billions of devices running on Windows, these changes will likely have far-reaching implications.

Microsoft’s efforts to move security vendors out of the kernel are a step toward creating a more resilient and secure ecosystem for both consumers and enterprises. By involving the industry’s top security firms in the design of this new system, Microsoft is setting the stage for a more reliable and secure Windows environment in the future.

At Kushal Bharat Tech News, we’ll continue to follow these developments and provide updates on how these changes will shape the future of Windows security and the broader tech landscape.

