Microsoft continues to help CrowdStrike recover from a massive outage a week ago, when an error in a security software update disrupted the functionality of 8.5 million computers worldwide. At the same time, the software giant is calling for changes and hinting that Windows stability is a priority and developers should limit the rights of their cybersecurity solutions to avoid similar incidents in the future.
Image source: Microsoft
CrowdStrike blames a bug in testing software that was used to test updates before mass distribution. However, the company’s Falcon security software operates at the Windows kernel level, the core part of the operating system that has unrestricted access to system memory and hardware. Because of this, software failures can cause Windows to malfunction and cause Blue Screens of Death (BSODs).
The Falcon application uses a special driver that allows it to work at the Windows kernel level and detect threats in the system. Microsoft tried to restrict third-party apps’ access to the Windows kernel in 2006, but faced opposition from cybersecurity vendors and European Union regulators. At the same time, Apple was able to close access to the macOS core to third-party developers in 2020.
It seems that the recent incident has prompted Microsoft to renew the dialogue regarding the possible removal of access to the Windows kernel. “This incident clearly demonstrates that Windows must prioritize change and innovation in the area of sustainability,” a Microsoft spokesperson said in a statement. He also noted that Microsoft is encouraging partners to work more closely to improve security and make Windows more stable.
Although Microsoft did not specify what improvements will be made to Windows after the CrowdStrike incident, it is likely that we are talking about limiting access to the operating system kernel for third-party developers, including cybersecurity solution providers. The company can’t just shut down access due to regulatory authorities, but it’s possible that Microsoft plans to do so eventually.