Microsoft outlined a strategy, protect Windows from future incidents like CrowdStrike. The company has published a series of steps to take to respond, as well as the necessary adjustments to the operating system. The computer crash that occurred a week ago made them realize that Windows requires structural changes to prevent something like this from happening again.
In a post on the Windows IT blog, Microsoft emphasized that The failure of the crowd strike should be taken as a wake-up call“This incident clearly shows that Windows must prioritize change and innovation in the area of end-to-end resilience,” said John Cable, vice president of Windows servicing and delivery program management.
The tech giant offers some clues about the changes coming to Windows. The fundamental question is protecting the operating system kernel to avoid such failures to what we saw last weekend. While Microsoft can’t protect the kernel, the company does have virtualization options like VBS enclaves.
These isolated execution environments They protect memory and do not require kernel-mode drivers to provide tamper-proof protection. VBS enclaves are part of virtualization-based security, an important Windows feature for protecting valuable secrets stored in the operating system.
Another feature that will help prevent another CrowdStrike is Microsoft Azure Attestation, a solution that Remotely checks the integrity of binary filesCable notes that these approaches are key to encouraging development practices that do not depend on access to the kernel.
Microsoft’s Hands Are Tied by Regulators
Computer crash caused by CrowdStrike has seriously damaged Microsoft’s reputation. At one point on Friday, airlines, companies and users were calling the incident a “Windows glitch.” Although the bug is not related to Windows, the cybersecurity software works at the kernel level of the operating system.
This could have been avoided if Microsoft had protected the kernel, as Google or Apple do. Unfortunately, the company It is legally prohibited to block access to third parties due to regulatory issuesIn 2009, Microsoft and the European Commission reached an agreement to allow third parties access to Windows APIs.
Software Crowdstrike It operates as a kernel-mode device disk, giving you access to the entire operating system. This privilege means that one corrupted file, like the one included in the update, was enough to turn the world upside down.
After the incident, Microsoft He blamed the European Commission and held it responsible for the spread of CrowdStrike. Some experts point out that technological I would use this decision as evidence to fight the compatibility agreement. 2009. A pledge signed several years ago would open the door to a new CrowdStrike, although its removal would benefit Microsoft relative to other cybersecurity vendors.
Source: Hiper Textual
I am Garth Carter and I work at Gadget Onus. I have specialized in writing for the Hot News section, focusing on topics that are trending and highly relevant to readers. My passion is to present news stories accurately, in an engaging manner that captures the attention of my audience.
