Microsoft considers surprising change to prevent future outages

[Pelican Press 0]

This is the hidden content, please

• Sign In
• or
• Sign Up

This is the hidden content, please

• Sign In
• or
• Sign Up

considers surprising change to prevent future outages

The massive IT outage from last weekend was not a bad look for CrowdStrike — but

This is the hidden content, please

• Sign In
• or
• Sign Up

too. To avoid future large-scale issues,

This is the hidden content, please

• Sign In
• or
• Sign Up

is evaluating blocking third-party security software from accessing the Windows Kernel, according to a

This is the hidden content, please

• Sign In
• or
• Sign Up

, VP of program management for Windows servicing and delivery.

If this change were to be put in place, the restriction would imitate Apple’s 2020 move, which limited third-party software from accessing its core operating system. The

This is the hidden content, please

• Sign In
• or
• Sign Up

, ensuring that every system partition (or volume) that contains the core operating system is cryptographic verified, down to every last file. The goal, of course, is preventing changes from third-party entities that could melt down the whole system. Sound familiar?

Of course, it’s a change easier said than done.

This is the hidden content, please

• Sign In
• or
• Sign Up

attempted to do exactly this in 2006 with Windows Vista, preventing third parties from having kernel access. However, the plan ******* due to resistance from EU regulators and complaints from — you guessed it — cybersecurity vendors.

In the blog post, John Cable states, “Examples of innovation include the recently announced

This is the hidden content, please

• Sign In
• or
• Sign Up

, which provide an isolated compute environment that does not require kernel mode drivers to be tamper resistant, and the

This is the hidden content, please

• Sign In
• or
• Sign Up

Azure Attestation service, which can help determine boot path security posture.” He goes on to state that they will continue to develop these capabilities and enhance the resiliency of the Windows ecosystem.

In theory, by preventing security software from accessing the kernel, Windows would never again experience the worldwide outage it recently experienced, and that caused 8.5 million PCs to ****** due to a CrowdStrike bug. The downside, of course, is that preventing kernel access would also mean that the security software would not be able to monitor for any potential threats. After all, moving in this direction doesn’t mean that other types of attacks are impossible.

Let’s be clear:

This is the hidden content, please

• Sign In
• or
• Sign Up

did not confirm that this is the path it will take from now on. But this blog post certainly threw the idea in the air, and that’s significant. More than ever before, there may be a stronger incentive to consider locking down Windows now that we’ve seen the wreckage of the situation.

This is the hidden content, please

• Sign In
• or
• Sign Up

#

This is the hidden content, please

• Sign In
• or
• Sign Up

#considers #surprising #change #prevent #future #outages

This is the hidden content, please

• Sign In
• or
• Sign Up

This is the hidden content, please

• Sign In
• or
• Sign Up