Microsoft on Thursday announced plans to make Windows more resilient to incidents caused by security firms, such as the global outage caused by CrowdStrike earlier this year that took millions of Windows computers offline for more than a day. At a security summit hosted by the company, the Windows maker said it would assist these security vendors in modifying their solutions to operate outside kernel mode on Windows, which provides an elevated level of access to the system along with more advanced functionality.

In a statement issued after its recently concluded Windows Endpoint Security Ecosystem Summit, Microsoft said that it discussed the creation of new platform capabilities on Windows that would enable security vendors to offer more features outside of the Windows kernel, which in turn would improve security on the operating system. 

Existing security solutions for Windows involve the use of software that runs at the Windows kernel level, which provides these apps with a greater degree of access to the system compared to regular applications. They can also scan other apps that are loaded into memory in order to intercept security threats or modify system files if necessary.

While kernel level access offers benefits for security vendors, a badly configured software update can adversely affect systems — such as the one rolled out by CrowdStrike in July that led to a massive global outage. In order to keep customers’ devices protected from these incidents, Microsoft would need to make sure these security vendors operate outside the Windows kernel.  

At Microsoft’s security summit, the company discussed the requirements of security vendors and the key challenges to implementing a more secure Windows environment, while allowing these firms to continue offering security features. These include potential performance issues and challenges outside kernel mode, sensor requirements, and anti-tampering protection, according to the Windows maker.

“As a next step, Microsoft will continue to design and develop this new platform capability with input and collaboration from ecosystem partners to achieve the goal of enhanced reliability without sacrificing security,” Microsoft said on Thursday.

Microsoft said on Friday it would hold a summit in September to discuss steps to improve cybersecurity systems, after a faulty update from CrowdStrike caused a global IT outage last month.

The conference marks the first big step by Microsoft to address the issues that affected nearly 8.5 million Windows devices on July 19, disrupting operations across industries ranging from major airlines to banks and healthcare.

The event will be held on Sept. 10 at Microsoft’s headquarters in Redmond, Washington. The company will invite government representatives to the gathering, it said in a blog.

“The CrowdStrike outage in July presents important lessons for us to apply as an ecosystem,” Microsoft said.

The outage raised concerns that many organizations are not well prepared to implement contingency plans when a single point of failure such as an IT system, or a piece of software within it, goes down.

“We look forward to bringing our perspective to the discussions with Microsoft and industry and government stakeholders on the need for a more resilient ecosystem,” a CrowdStrike spokesperson said when contacted for a comment.

Analysts have said the outage has exposed risks of dependence on single-vendor providing one-stop shop for security solutions.

CrowdStrike, which has lost about $9 billion of its market value since the outage, has been sued by shareholders, who said the cybersecurity company defrauded them by concealing how its inadequate software testing could cause the global disruption.

Earlier this month, Delta Air Lines said it was pursuing legal claims against CrowdStrike and Microsoft, after the outage caused mass flight cancellations and cost the carrier at least $500 million.

CrowdStrike is scheduled to report its second-quarter financial results after the U.S. market close on Aug. 28.

© Thomson Reuters 2024
 

(This story has not been edited by NDTV staff and is auto-generated from a syndicated feed.)