Microsoft wants to beef up Windows security to prevent CrowdStrike-like fiascos, but there are critical concerns: “A world where only Microsoft can provide effective endpoint security is not a more secure world”

What you need to know

  • Microsoft wants to develop a new platform that will satisfy the needs of security vendors after the CrowdStrike fiasco.
  • The tech giant hasn’t categorically indicated that it will block access to Windows in kernel mode, but endpoint security systems might have limited access at the very least.
  • Security vendors have raised concerns and called for regulatory intervention and scrutiny of Microsoft’s advances in this matter. 

As a long-time Windows user and tech enthusiast who has witnessed the rollercoaster ride of software updates and their consequences, I can’t help but feel a mix of apprehension and curiosity regarding Microsoft’s latest move. The CrowdStrike fiasco left a sour taste for many users, myself included. The recent developments hint at a more controlled platform for security vendors, which sounds promising in theory, but the devil is always in the details.


Recently, an update to CrowdStrike software caused a problem that left approximately 8.5 million Windows devices with Blue Screen of Death (BSOD) issues for extended periods. Although the issue has been rectified since then, both Microsoft and CrowdStrike find themselves embroiled in legal disputes as they face claims from affected parties seeking compensation for damages. Among these claimants is Delta Air Lines, which reportedly lost around half a billion dollars in just five days due to this incident.

Microsoft firmly stated they are not responsible for the outage and have taken steps to avoid recurrence, such as limiting security software like CrowdStrike’s Falcon from accessing Windows 11 at its core level. However, this incident has led to strong criticism against the company, with Delta Air Lines CEO Ed Bastian calling it a “vulnerable platform” and suggesting the possibility of moving their business elsewhere. In contrast, one seldom hears about major outages happening on Apple’s platform, according to Bastian.

Now, Microsoft is implementing further significant alterations aimed at enabling security firms such as CrowdStrike to perform their functions independently of the Windows core system (as reported by The Verge). These developments were announced during their recently concluded security conference held at their headquarters in Redmond, Washington.

Microsoft wants to develop a “controlled” platform for security vendors

Microsoft appears to have discussed the features and challenges involved in building a new platform that could meet security vendors' requirements. Such a platform would fit Microsoft's wider strategy and emphasis on security throughout its product and service offerings, as described by Microsoft CEO Satya Nadella:

“Security underpins every layer of the tech stack, and it’s our No. 1 priority. We are doubling down on this very important work, putting security above all else, before all other features and investments.”

Following his statement, Microsoft plans to proceed in creating and refining this new platform feature. They aim to do this by working closely with their partner ecosystem, exchanging ideas and collaborating to ensure the goal of improved reliability without compromising on security is met. This was shared by David Weston, Microsoft’s VP of Enterprise and OS Security.

Microsoft has not explicitly stated that they are absolutely barring security providers from accessing Windows at the core (kernel) level. However, the ongoing development of their security platform suggests that they may restrict access to some degree.

Security vendors appear receptive to Microsoft's new strategy. For instance, Drew Bagley, Vice President of Privacy and Cyber Policy at CrowdStrike, expressed appreciation for the chance to participate in significant discussions with Microsoft and other industry professionals about collaborating effectively to create a more robust and open Windows endpoint security environment that enhances security for their shared customers.

Nevertheless, certain suppliers have voiced apprehension and suggested closer examination of Microsoft's behaviors. As per Cloudflare CEO Matthew Prince, “A world in which only Microsoft offers reliable endpoint security does not equate to a safer world.”

2024-09-13 12:39