Microsoft plans to move security software out of the Windows kernel

Microsoft plans changes to Windows security, moving software out of the kernel after the CrowdStrike incident.

: Microsoft aims to boost Windows security by relocating security software outside the kernel. At a summit with security vendors, practices like Safe Deployment Practices were discussed. Despite past resistance, vendors now support Microsoft's effort. The goal is improved performance and anti-tampering protection.

Microsoft is planning significant changes to enhance Windows security by moving security software out of the kernel. This decision comes in the wake of issues caused by a faulty update from CrowdStrike, affecting many Windows users globally.

During a community meeting on September 10, Microsoft shared its initial steps for strengthening the Windows platform with endpoint security vendors and government officials. The consensus highlighted the benefits of a diverse range of security products, ensuring the safety and resilience of the user base.

Microsoft's Safe Deployment Practices were discussed, emphasizing gradual and staged deployment of updates. Companies like Broadcom, Sophos, and Trend Micro shared their best practices, and the conversation shifted to developing new platform capabilities to enhance security outside of kernel mode.

Windows securityCrowdStrikeTech