Tuesday, 16 September 2025
27.3 C
Singapore
26.9 C
Thailand
19 C
Indonesia
27.1 C
Philippines

Microsoft unveils new Windows security features to prevent future incidents

Microsoft unveils plans to enhance Windows security by moving vendors outside the kernel to prevent incidents like the CrowdStrike disaster.

Microsoft is developing new security features for Windows to prevent incidents like the infamous CrowdStrike incident from happening again. The tech giant revealed these plans during a security summit held at its Redmond headquarters in Washington earlier this week. This announcement marks a major shift in how security vendors like CrowdStrike will operate within the Windows ecosystem, focussing on changes that allow vendors to function without needing direct access to the Windows kernel.

The July CrowdStrike incident caused widespread disruption when a faulty software update caused the Blue Screen of Death for millions of PCs and servers. CrowdStrike’s software operates at the kernel level—the core of the Windows operating system—which allowed the bug to affect such a large number of systems.

Changes to the Windows kernel

The Windows kernel has long been a concern for security vendors. Due to its unrestricted access to system memory and hardware, any vulnerabilities or errors at this level can result in system-wide issues, as seen during the CrowdStrike disaster. Since then, Microsoft has been vocal about improving Windows’ resilience, hinting at a future where security vendors operate outside the kernel to prevent such critical failures.

At the summit, Microsoft revealed that it has been collaborating with major players in the cybersecurity world, including CrowdStrike, Broadcom, Sophos, and Trend Micro, to develop a more secure platform. This platform aims to meet security vendors’ needs while reducing the risks associated with kernel-level access. David Weston, Microsoft’s vice president of enterprise and OS security, stated that partners and customers have asked for additional security tools that function outside kernel mode, alongside best practices for deploying them safely.

The discussion also discussed performance requirements and security vendors’ challenges when working outside the kernel. Weston reassured participants that Microsoft is committed to developing a platform that will enhance reliability without compromising security and that the project will be shaped by continuous feedback from partners in the security industry.

Industry feedback and regulatory concerns

While Microsoft has not officially stated that it will completely lock down access to the Windows kernel, its efforts are heading in that direction. The company attempted a similar move with Windows Vista in 2006 but faced significant backlash from security vendors and regulators. This time, however, the response has been more positive. Sophos CEO Joe Levy praised the summit, highlighting the importance of collaborating with industry peers to improve the robustness of Microsoft Windows and the endpoint security ecosystem.

Similarly, Kevin Simzer, chief operating officer at Trend Micro, applauded Microsoft for fostering open discussions. At the same time, Drew Bagley, vice president of privacy and cyber policy at CrowdStrike, expressed appreciation for Microsoft’s efforts to collaborate on building a more resilient Windows security platform.

However, only some people in the cybersecurity space are optimistic about these changes. Cloudflare CEO Matthew Prince raised concerns about Microsoft’s potential to lock down kernel access only for third-party vendors while retaining privileged access for its own security products. He warned that such a move would not result in a safer world but instead create an unfair playing field. These concerns were voiced on X (formerly Twitter), where Prince called on regulators to pay attention to Microsoft’s potential plans.

To address these concerns, Microsoft invited government officials from the United States and Europe to attend the summit. The company knows the delicate balance required to develop new security measures while addressing regulatory and competitive concerns. This summit is part of a larger overhaul within Microsoft to improve its cybersecurity strategy after years of high-profile security breaches and criticism. Microsoft employees are now being evaluated based on their contributions to the company’s security efforts as part of this shift.

What’s next for Microsoft and the security industry?

Microsoft’s latest efforts signal a significant shift in how Windows will handle security in the future. While there are still many challenges ahead, the collaboration between Microsoft and top security vendors could lead to a more secure and reliable Windows platform, preventing incidents like the CrowdStrike disaster from happening again.

As discussions continue, all eyes will be on Microsoft’s next steps in designing this new security platform, with input from both industry leaders and regulators. Whether or not this will lead to the eventual closure of the Windows kernel remains to be seen. Still, one thing is certain: Microsoft is committed to making Windows more resilient without compromising security.

Hot this week

Canon unveils next-generation video production equipment to elevate cinematic storytelling

Canon launches EOS C50, RF85mm f/1.4L VCM, and CN5x11 IAS T R1/P1 to support next-generation video production and storytelling.

AMD executive says AI is underhyped and still in its early stages

AMD’s Jack Huynh says AI is underhyped, with AMD working on innovations not yet invented and set to reveal more at CES 2026.

Best gaming keyboards 2025: Top picks for performance, comfort, and customisation

Discover the best gaming keyboards of 2025, rated for performance, wireless speed, customisation, and value.

Mendix deepens collaboration with Snowflake to transform automotive software development

Mendix and Snowflake expand collaboration to drive faster software development, secure data use, and real-time insights in automotive.

Cloudera named leader in IDC APAC MarketScape for unified AI platforms

Cloudera has been named a Leader in the IDC APAC MarketScape 2025 for unified AI platforms, recognised for governance, security, and innovation.

Biwin unveils Mini SSD, a tiny storage device that could replace microSD cards

Biwin launches Mini SSD, a tiny yet powerful storage device that could replace microSD cards if industry standards are adopted.

Apple brings major upgrades to Powerbeats Pro 2 with iOS 26

Apple adds heart rate, fitness, and smart usability upgrades to Powerbeats Pro 2 with iOS 26, launching on 15 September.

UltraGreen.ai secures US$188 million anchor investment at US$1.3 billion valuation

UltraGreen.ai secures US$188 million anchor investment led by 65EP, Vitruvian, and August, valuing the firm at US$1.3 billion.

ConnectingDNA launches AI-powered DNA wellness marketplace in Singapore

ConnectingDNA launches the world’s first AI-powered DNA wellness marketplace in Singapore, offering personalised health insights and secure data protection.

Related Articles

Popular Categories