Continue reading this on our app for a better experience

Open in App
Floating Button

Microsoft, cyber firms pursue changes after CrowdStrike outage

Bloomberg
Bloomberg • 2 min read
Microsoft, cyber firms pursue changes after CrowdStrike outage
Microsoft’s statement comes less than two months after CrowdStrike pushed out an update that crashed millions of Windows computers. Photo: Bloomberg
Font Resizer
Share to Whatsapp
Share to Facebook
Share to LinkedIn
Scroll to top
Follow us on Facebook and join our Telegram channel for the latest updates.

Microsoft Corp. said it’s building an alternative for cybersecurity companies that now utilise the deepest layer of its operating system after a flawed update from CrowdStrike Holdings Inc. triggered a global IT meltdown.

The Redmond, Washington-based technology giant announced Thursday that it would “continue to design and develop” a “new platform capability” in response to what it said was customer and partner demand to enable security vendors to operate outside of kernel mode, the base layer of the operating system. Such a shift would require major retooling by Microsoft and by some outside cybersecurity companies that use kernel access to monitor potential threats. The goal, Microsoft said, was “enhanced reliability without sacrificing security.”

The announcement follows a Sept. 10 meeting between Microsoft and other cybersecurity companies to discuss deploying updates safely and alternatives to kernel access.

Microsoft’s statement comes less than two months after CrowdStrike pushed out an update that crashed millions of Windows computers, crippling airports, banks, stock exchanges and businesses around the world. The outage touched off a debate over whether cybersecurity firms should be allowed to operate at the kernel level of Microsoft Windows systems because of the risks associated with such core access.

Microsoft said in a blog post announcing the work that the latest version of its Windows operating system has made changes that allow cybersecurity companies to provide more “security capabilities” outside of kernel mode.

Following the meeting, some security firms see operating in this base layer as essential. 

See also: SOSD partners producer Daniel Yun and local filmmakers to produce five short films featuring local shelter dogs

In a statement released by Microsoft, digital security firm Eset LLC said, “It remains imperative that kernel access remains an option for use by cybersecurity products to allow continued innovation and the ability to detect and block future cyber threats.” 

Drew Bagley, CrowdStrike’s vice president and counsel for privacy and cyber policy, said in the Microsoft statement, “We appreciated the opportunity to join these important discussions with Microsoft and industry peers on how best to collaborate in building a more resilient and open Windows endpoint security ecosystem that strengthens security for our mutual customers.”

×
The Edge Singapore
Download The Edge Singapore App
Google playApple store play
Keep updated
Follow our social media
© 2024 The Edge Publishing Pte Ltd. All rights reserved.