Microsoft to Boost Windows Security to Prevent Future CrowdStrike-Style Outages

Last Update: Sep 16, 2024 | Published: Sep 13, 2024

Key Takeaways:

  • Microsoft is advocating for enhanced security protocols by limiting third-party vendors’ access to the Windows kernel.
  • Microsoft discussed topics like performance needs, anti-tampering protection, and collaboration principles.
  • Microsoft highlighted the importance of stronger collaboration with security partners to develop more robust security solutions.

Earlier this week, Microsoft held its Windows Endpoint Security Ecosystem Summit at its Redmond headquarters, bringing together CrowdStrike, cybersecurity partners, and government officials. The summit aimed to address critical issues in cyber resilience and infrastructure security, fostering discussions on strengthening defenses against future threats.

On July 19, CrowdStrike released a faulty sensor update for its Falcon endpoint security platform that crashed around 8.5 million Windows devices. This incident resulted in billions of dollars in damages, disrupting hospital appointments, grounding thousands of flights, and raising regulatory concerns about third-party access to the Windows kernel. In response, Microsoft called for changes to Windows to enhance its resilience and prevent similar incidents.

Microsoft’s Windows Endpoint Security Ecosystem Summit served as a platform for Microsoft and security vendors to discuss designing resilient systems, improving security, and adopting safe deployment practices. Microsoft is also working on enabling security solutions to operate outside the Windows kernel.

“Both our customers and ecosystem partners have called on Microsoft to provide additional security capabilities outside of kernel mode which, along with safe deployment practices, can be used to create highly available security solutions,” said David Weston, vice president of enterprise and OS security at Microsoft.

What’s Microsoft’s strategy to avoid another CrowdStrike-like incident?

Microsoft detailed its efforts to address the performance needs and challenges of operating outside kernel mode, which is crucial for avoiding the performance issues and conflicts associated with the kernel.

The Summit also underscored the importance of anti-tampering protections to prevent malicious interference with security products. Microsoft is committed to considering security sensor requirements and secure-by-design principles as it enhances Windows.

Lastly, Microsoft highlighted its dedication to improving collaboration with partners by sharing best practices, tools, and data. “We’re competitors, we’re not adversaries. The adversaries are the ones we need to protect the world from. We are grateful for the support and input from this community and excited about the conversations in progress and work we have ahead,” Weston added.
