Microsoft develops innovative security measures to stop future CrowdStrike incidents

September 13, 2024

TLDR:

  • Microsoft is planning to implement new Windows security features to prevent incidents like the CrowdStrike catastrophe.
  • They are working on moving security vendors out of the Windows kernel to improve system resiliency.

Microsoft recently announced plans to make changes to Windows in response to the CrowdStrike incident that took down 8.5 million Windows PCs and servers. The incident was caused by a faulty CrowdStrike update that ran at the kernel level of Windows. Microsoft hosted a security summit to discuss the improvements to Windows security needed to prevent such incidents from happening again.

While Microsoft is not explicitly stating that it will lock down the Windows kernel, it is designing a new security platform that will eventually move security vendors like CrowdStrike out of the kernel. It has been collaborating with partners like CrowdStrike, Broadcom, Sophos, and Trend Micro to ensure the new platform meets the security needs of both customers and ecosystem partners.

Some industry leaders have expressed support for Microsoft’s efforts, while others, like Cloudflare CEO Matthew Prince, have raised concerns about potential implications. Microsoft is actively engaging with government officials in the US and Europe to address these concerns and ensure a more secure endpoint security ecosystem.
