Microsoft is taking steps to avoid another disaster like the CrowdStrike incident that affected 8.5 million Windows PCs in July. Following a faulty update that led to widespread Blue Screen of Death (BSOD) crashes, the tech giant is redesigning how security vendors interact with the Windows kernel.
In a recent summit at Microsoft’s Redmond headquarters, Microsoft unveiled plans to shift vendors like CrowdStrike, Sophos, and Trend Micro away from the Windows kernel. By allowing them to operate outside this core system component, Microsoft aims to improve system stability and resilience. Think of the kernel as the heart of Windows. Letting multiple vendors access it is like allowing different people to perform heart surgery—too risky.
Think of your computer’s operating system as a house and the kernel as the foundation or the central control system. Now, imagine you have security guards to protect this house from intruders placed inside. While they protect, their proximity poses a severe risk, as any mistake would cause damage from within. Moving those security guards outside the front gate minimizes the risk of internal damage by limiting the impact to the exterior, thus safeguarding the core of the house.
This is what Microsoft is aiming to do, that is, move security operations outside the most critical parts of the system to prevent significant issues like the BSOD crash, even if something goes wrong with the security software.
Not everyone is on board with this plan, though. While companies like Sophos and Trend Micro support the changes, others, like Cloudflare, are worried. They are concerned that if Microsoft has too much control, it could limit competition and make it harder for other companies to provide security solutions.
Microsoft, however, is working with its partners to develop a platform that balances security and system integrity. As discussions within the industry continue, one thing is certain: Windows will be made more secure to prevent future security breaches.
