Many of you will surely remember the widespread security breach that occurred a few days ago in Windows and affected millions of computers around the world, Crowdstrike. This is something that did not do any good to Microsoft’s image as a company, something that it does not want to repeat under any circumstances.
The truth is that the most widely used operating system on desktop computers for years now integrates a multitude of security-related functions. These are intended to protect the hundreds of millions of computers that run the different versions of Windows, both at a personal and professional level. However, sometimes serious failures occur, such as the one that occurred this summer.
Since Windows is installed on most desktop computers, a failure here is extremely serious. It is also true that a system crash of this magnitude is not common, but as we have seen, it can happen.
That is why the software giant is now considering a major security measure that would change the way Windows works in this regard. Microsoft is considering removing all security systems from the Windows kernel itself. This means that if any changes are made to the operating system’s kernel, they would not directly affect the security of the software itself.
And it must be taken into account, as has been demonstrated on several occasions, that allowing security software to operate at the kernel level entails a certain risk. The huge security breach, dubbed Crowdstrike, recently occurred, affected around 8.5 million computers around the world. This resulted in major interruptions in services by many companies. Microsoft cannot afford these luxuries, which is why it is now considering a drastic measure.
As we have already mentioned, the company plans to remove security systems from the Windows kernel to avoid similar problems in the future. In fact, the company is currently working with its partners to study the possibility of restricting third-party access to the Windows kernel itself.
Microsoft is working to ensure that failures like CrowdStrike do not happen again
The vulnerability we are reporting on, which affected more than 8 million computers, is considered to be the worst computer outage in history. It was caused by a faulty update to the CrowdStrike Falcon software that caused around 8.5 million Windows PCs to suffer from blue screens of death or BSODs. This resulted in major disruptions to major businesses such as airlines, government offices, hospitals and much more.
Now, in an attempt to avoid something similar in the future, Microsoft says it would explore options to move security systems outside the Windows kernel. To do this, the company is asking for help from partners such as CrowdStrike itself, Broadcom, Sophos or Trend Micro. All of this with the aim of designing a new platform that maintains the security of the system, but without depending on access at the kernel level.
We may see these changes over the next few months. This will undoubtedly be a major step forward in terms of Windows security.
