Microsoft and cyber firms eye changes after CrowdStrike outage

Microsoft Corp. said it is building an alternative for cybersecurity companies that are now using the deepest layer of its operating system after a flawed update from CrowdStrike Holdings Inc. triggered a global IT crisis.

The Redmond, Wash.-based tech giant announced Thursday that it will “continue to design and develop” a “new platform capability” in response to what it said is customer and partner demand to enable security vendors to operate in out of kernel mode, base. operating system layer. Such a change would require major retooling by Microsoft and some third-party cybersecurity companies that use kernel access to monitor potential threats. The goal, Microsoft said, was “increased reliability without sacrificing security.”

The announcement follows a Sept. 10 meeting between Microsoft and other cybersecurity companies to discuss the safe deployment of updates and alternatives to kernel access.

Related: CrowdStrike wins to shed light on Fallout from global Windows outage

Microsoft’s statement comes less than two months after CrowdStrike released an update that crashed millions of Windows computers, crippling airports, banks, stock exchanges and businesses around the world. The outage has sparked a debate over whether cybersecurity firms should be allowed to operate at the kernel level of Microsoft Windows systems because of the risks associated with such basic access.

Microsoft said in a blog post announcing the work that the latest version of its Windows operating system has made changes that allow cybersecurity companies to provide more “security capabilities” outside of kernel mode.

Following the meeting, some security firms consider operating in this base layer to be essential.

Related: Microsoft, cyber firms to meet on fixes after CrowdStrike crash

In a statement released by Microsoft, digital security firm Eset LLC said: “It remains imperative that kernel access remains an option for using cybersecurity products to enable continued innovation and the ability to detect and block future cyber threats.” .

Drew Bagley, CrowdStrike’s vice president and privacy and cyber policy advisor, said in Microsoft’s statement: “We appreciated the opportunity to join these important discussions with Microsoft and industry peers about how best to work together to build a security Windows more resilient and open. ecosystem that strengthens the security of our mutual customers.”

Copyright 2024 Bloomberg.