Microsoft calls for Windows changes and resilience after CrowdStrike outage
Microsoft is reconsidering security vendor access to the Windows kernel after a CrowdStrike update outage affected 8.5 million PCs, emphasizing the need for improved resilience and collaboration in security practices.
Read original article
Microsoft is advocating for changes to Windows following a significant outage caused by a faulty update from CrowdStrike, which affected 8.5 million PCs. The incident has prompted Microsoft to reconsider the access that security vendors have to the Windows kernel, the core of the operating system that allows unrestricted access to system resources. CrowdStrike's software, which operates at this kernel level, was responsible for the outage due to a bug in its testing software. Microsoft previously attempted to limit third-party kernel access in 2006 but faced resistance from cybersecurity vendors and regulators.
In a recent blog post, John Cable, Microsoft's vice president of program management for Windows, emphasized the need for enhanced resilience in Windows and called for collaboration with security partners to improve the ecosystem's security. He highlighted recent innovations, such as the VBS enclaves feature and Azure Attestation service, which do not require kernel mode drivers, as examples of modern security approaches. While Microsoft is exploring the possibility of restricting kernel access, it must balance this with the needs of security vendors, as noted by Cloudflare's CEO. The situation may reignite discussions about kernel access policies in Windows, reflecting a shift towards prioritizing system resilience and security.
Related
Microsoft points finger at the EU for not being able to lock down Windows
Microsoft blames the EU for hindering Windows security due to an agreement allowing security software access. Recent disruptions affected 8.5 million PCs. EU restrictions differ for tech giants like Apple and Google.
Crashes and Competition
The article explores Windows OS design, kernel access impact on security firms, CrowdStrike crash consequences, Microsoft's limitations due to agreements, and regulatory implications for system security and functionality balance.
EU gave CrowdStrike the keys to the Windows kernel, claims Microsoft
Microsoft raised concerns about EU granting CrowdStrike access to Windows kernel in 2009. Third-party software's deep integration in the system architecture is questioned, highlighting risks of disruptions. Microsoft's response to CrowdStrike chaos is pending.
Why Did CrowdStrike Update Only Hit Windows? Blame the EU, Microsoft Says
Microsoft linked the CrowdStrike update problem on 8.5 million Windows devices to a 2009 EU agreement. The incident, caused by a Falcon content update defect, disrupted industries but was not a cyberattack.
EU gave CrowdStrike keys to Windows kernel, Microsoft claims
Microsoft claims EU granted CrowdStrike access to Windows kernel in 2009 for interoperability. Concerns arise over third-party software's deep integration. Microsoft not blamed for recent chaos caused by CrowdStrike update.
1 commentsRelated
Microsoft points finger at the EU for not being able to lock down Windows
Microsoft blames the EU for hindering Windows security due to an agreement allowing security software access. Recent disruptions affected 8.5 million PCs. EU restrictions differ for tech giants like Apple and Google.
Crashes and Competition
The article explores Windows OS design, kernel access impact on security firms, CrowdStrike crash consequences, Microsoft's limitations due to agreements, and regulatory implications for system security and functionality balance.
EU gave CrowdStrike the keys to the Windows kernel, claims Microsoft
Microsoft raised concerns about EU granting CrowdStrike access to Windows kernel in 2009. Third-party software's deep integration in the system architecture is questioned, highlighting risks of disruptions. Microsoft's response to CrowdStrike chaos is pending.
Why Did CrowdStrike Update Only Hit Windows? Blame the EU, Microsoft Says
Microsoft linked the CrowdStrike update problem on 8.5 million Windows devices to a 2009 EU agreement. The incident, caused by a Falcon content update defect, disrupted industries but was not a cyberattack.
EU gave CrowdStrike keys to Windows kernel, Microsoft claims
Microsoft claims EU granted CrowdStrike access to Windows kernel in 2009 for interoperability. Concerns arise over third-party software's deep integration. Microsoft not blamed for recent chaos caused by CrowdStrike update.