Key Takeaways:
- Microsoft will host the Windows Endpoint Security Ecosystem Summit at its Redmond headquarters next month.
- This upcoming summit will focus on enhancing Windows security in collaboration with government representatives and leading cybersecurity companies like CrowdStrike.
- Microsoft and its cybersecurity partners will explore innovative solutions such as eBPF technology and memory-safe programming languages.
Microsoft is gearing up to host a summit on Windows security at its Redmond headquarters in September. The Windows Endpoint Security Ecosystem Summit will bring together government representatives and cybersecurity companies such as CrowdStrike to discuss ways to make the Windows operating system more resilient.
Last month, CrowdStrike released a buggy content configuration update for its Falcon sensor that crashed 8.5 million Windows devices globally. This major outage severely impacted Delta Air Lines by grounding thousands of flights and allegedly costing the company $500 million, prompting them to consider legal action against both Microsoft and CrowdStrike. The incident has sparked concerns among regulators and business leaders about the level of access third-party software vendors have to the Windows kernel.
On September 10, Microsoft’s engineers and key security partners will discuss ways to enhance Windows security and establish best practices for third-party software to prevent similar incidents in the future. The summit participants will also explore shifting applications to rely on user mode rather than the more vulnerable privileged kernel mode on Windows PCs.
“The CrowdStrike outage in July 2024 presents important lessons for us to apply as an ecosystem,” said Aidan Marcuss, CVP for Microsoft Windows and Devices. “Our discussions will focus on improving security and safe deployment practices, designing systems for resiliency and working together as a thriving community of partners to best serve customers now, and in the future.”
Microsoft’s security summit will also focus on the adoption of the extended Berkeley Packet Filter (eBPF) technology. It allows programs to run within the kernel without changing the kernel source code or loading kernel modules. The kernel verifies the eBPF programs before execution to ensure that they will run without triggering system crashes. This summit will also include technical sessions on using memory-safe programming languages such as Rust.
Microsoft plans to share more details about these discussions following the Windows Endpoint Security Ecosystem Summit. “It is expected that the Windows Endpoint Security Ecosystem Summit will lead to next steps in both short- and long-term actions and initiatives to pursue, with improved security and resilience as our collective goal,” Marcuss added.
Microsoft has recently suggested plans to restrict third-party security providers’ access to the Windows kernel. However, competitors are worried that this move could give Microsoft an unfair advantage by promoting its own security products, like Defender for Endpoint, over third-party solutions.