Wednesday, 3 September 2025
29 C
Singapore
28.7 C
Thailand
20.1 C
Indonesia
28.1 C
Philippines

Microsoft unveils new Windows security features to prevent future incidents

Microsoft unveils plans to enhance Windows security by moving vendors outside the kernel to prevent incidents like the CrowdStrike disaster.

Microsoft is developing new security features for Windows to prevent incidents like the infamous CrowdStrike incident from happening again. The tech giant revealed these plans during a security summit held at its Redmond headquarters in Washington earlier this week. This announcement marks a major shift in how security vendors like CrowdStrike will operate within the Windows ecosystem, focussing on changes that allow vendors to function without needing direct access to the Windows kernel.

The July CrowdStrike incident caused widespread disruption when a faulty software update caused the Blue Screen of Death for millions of PCs and servers. CrowdStrike’s software operates at the kernel level—the core of the Windows operating system—which allowed the bug to affect such a large number of systems.

Changes to the Windows kernel

The Windows kernel has long been a concern for security vendors. Due to its unrestricted access to system memory and hardware, any vulnerabilities or errors at this level can result in system-wide issues, as seen during the CrowdStrike disaster. Since then, Microsoft has been vocal about improving Windows’ resilience, hinting at a future where security vendors operate outside the kernel to prevent such critical failures.

At the summit, Microsoft revealed that it has been collaborating with major players in the cybersecurity world, including CrowdStrike, Broadcom, Sophos, and Trend Micro, to develop a more secure platform. This platform aims to meet security vendors’ needs while reducing the risks associated with kernel-level access. David Weston, Microsoft’s vice president of enterprise and OS security, stated that partners and customers have asked for additional security tools that function outside kernel mode, alongside best practices for deploying them safely.

The discussion also discussed performance requirements and security vendors’ challenges when working outside the kernel. Weston reassured participants that Microsoft is committed to developing a platform that will enhance reliability without compromising security and that the project will be shaped by continuous feedback from partners in the security industry.

Industry feedback and regulatory concerns

While Microsoft has not officially stated that it will completely lock down access to the Windows kernel, its efforts are heading in that direction. The company attempted a similar move with Windows Vista in 2006 but faced significant backlash from security vendors and regulators. This time, however, the response has been more positive. Sophos CEO Joe Levy praised the summit, highlighting the importance of collaborating with industry peers to improve the robustness of Microsoft Windows and the endpoint security ecosystem.

Similarly, Kevin Simzer, chief operating officer at Trend Micro, applauded Microsoft for fostering open discussions. At the same time, Drew Bagley, vice president of privacy and cyber policy at CrowdStrike, expressed appreciation for Microsoft’s efforts to collaborate on building a more resilient Windows security platform.

However, only some people in the cybersecurity space are optimistic about these changes. Cloudflare CEO Matthew Prince raised concerns about Microsoft’s potential to lock down kernel access only for third-party vendors while retaining privileged access for its own security products. He warned that such a move would not result in a safer world but instead create an unfair playing field. These concerns were voiced on X (formerly Twitter), where Prince called on regulators to pay attention to Microsoft’s potential plans.

To address these concerns, Microsoft invited government officials from the United States and Europe to attend the summit. The company knows the delicate balance required to develop new security measures while addressing regulatory and competitive concerns. This summit is part of a larger overhaul within Microsoft to improve its cybersecurity strategy after years of high-profile security breaches and criticism. Microsoft employees are now being evaluated based on their contributions to the company’s security efforts as part of this shift.

What’s next for Microsoft and the security industry?

Microsoft’s latest efforts signal a significant shift in how Windows will handle security in the future. While there are still many challenges ahead, the collaboration between Microsoft and top security vendors could lead to a more secure and reliable Windows platform, preventing incidents like the CrowdStrike disaster from happening again.

As discussions continue, all eyes will be on Microsoft’s next steps in designing this new security platform, with input from both industry leaders and regulators. Whether or not this will lead to the eventual closure of the Windows kernel remains to be seen. Still, one thing is certain: Microsoft is committed to making Windows more resilient without compromising security.

Hot this week

Google introduces Pixel Care Plus with free screen and battery repair

Google launches Pixel Care Plus with free screen and battery repairs, lower service fees, and optional loss and theft coverage.

Tecno and Dxomark unveil the first fully automated smartphone camera testing lab in China

TECNO and DXOMARK open the world’s first fully automated imaging lab in Chongqing to set new standards in smartphone camera testing.

Meta reportedly explores using rival AI models to enhance its apps

Meta is exploring the use of AI models from Google and OpenAI to enhance its apps while advancing its own Llama AI technology.

AI-generated music earns record deal for UK creator

British artist Oliver McCann, known as imoliver, signs a record deal for AI-generated music, sparking debate on AI’s role in the industry.

Global Anti-Scam Summit Asia 2025 launches major initiatives to fight online fraud

Global Anti-Scam Summit Asia 2025 in Singapore unveils new initiatives to fight scams with technology, funding, and cross-border collaboration.

Amazon launches new AWS region in New Zealand

Amazon launches its first AWS infrastructure region in New Zealand, investing NZ$7.5b to boost jobs, cloud services, and sustainability.

Global Anti-Scam Summit Asia 2025 launches major initiatives to fight online fraud

Global Anti-Scam Summit Asia 2025 in Singapore unveils new initiatives to fight scams with technology, funding, and cross-border collaboration.

Google Play Games to introduce new profiles with stats and social features

Google is introducing new Play Games profiles on Android, featuring gaming stats, achievements, and social tools, rolling out from 23 September.

China enforces mandatory AI content labels on major social media platforms

China’s major social media platforms are now required to label AI-generated content under a new law aimed at curbing misinformation and enhancing oversight.

Related Articles

Popular Categories