Marcus Hutchins: Microsoft claim that CrowdStrike was enabled by EU rule is false [video]
A malware expert discusses the CrowdStrike outage, misconceptions about antivirus software, and Windows security challenges, highlighting issues with kernel rootkits, ineffective measures in Vista, and UAC circumvention by malware.
A recent video features a malware development and analysis expert discussing the CrowdStrike outage and addressing misconceptions about antivirus software and the Windows kernel. The speaker highlights the historical challenges in Windows security, particularly regarding kernel rootkits, which arose from poor privilege separation, leading to system instability from both malware and antivirus programs. Microsoft introduced PatchGuard to prevent modifications to critical kernel structures, which alleviated blue screen issues caused by security products. However, the security measures in Windows Vista were largely ineffective, allowing malware easier access to the kernel and bypassing security protocols. User Account Control (UAC) was implemented to enhance privilege separation, but malware developers quickly found ways to circumvent it. Additionally, the European Union's decision to block Microsoft from releasing a new security API potentially hindered progress in addressing these vulnerabilities. The speaker aims to clarify the complexities of Windows security and the persistent challenges in combating malware.
Related
Crashes and Competition
The article explores Windows OS design, kernel access impact on security firms, CrowdStrike crash consequences, Microsoft's limitations due to agreements, and regulatory implications for system security and functionality balance.
EU gave CrowdStrike the keys to the Windows kernel, claims Microsoft
Microsoft raised concerns about EU granting CrowdStrike access to Windows kernel in 2009. Third-party software's deep integration in the system architecture is questioned, highlighting risks of disruptions. Microsoft's response to CrowdStrike chaos is pending.
EU gave CrowdStrike keys to Windows kernel, Microsoft claims
Microsoft claims EU granted CrowdStrike access to Windows kernel in 2009 for interoperability. Concerns arise over third-party software's deep integration. Microsoft not blamed for recent chaos caused by CrowdStrike update.
Microsoft calls for Windows changes and resilience after CrowdStrike outage
Microsoft is reconsidering security vendor access to the Windows kernel after a CrowdStrike update outage affected 8.5 million PCs, emphasizing the need for improved resilience and collaboration in security practices.
Microsoft technical breakdown of CrowdStrike incident
The blog discusses a CrowdStrike outage caused by a memory safety issue with the CSagent driver, emphasizing the importance of Windows' security features and future enhancements for better security integration.
This post simply uses a more appropriate header based on the actual video content, and it has to be viewed to understand this point.
Marcus maintains that Microsoft's desire to give itself an advantage and the EU's insistence that all other companies should have the same privileges led it to maintain that flaw.
Again, the video must be watched to understand this.