Gift this article
In this Article
Follow
Follow
Have a confidential tip for our reporters? Get in TouchBefore it’s here, it’s on the Bloomberg Terminal LEARN MORE
September 13, 2024 at 01:15 GMT+7
Save
Listen
2:02
Microsoft Corp. said it’s building an alternative for cybersecurity companies that now utilize the deepest layer of its operating system after a flawed update from CrowdStrike Holdings Inc. triggered a global IT meltdown.
The Redmond, Washington-based technology giant announced Thursday that it would “continue to design and develop” a “new platform capability” in response to what it said was customer and partner demand to enable security vendors to operate outside of kernel mode, the base layer of the operating system. Such a shift would require major retooling by Microsoft and by some outside cybersecurity companies that use kernel access to monitor potential threats. The goal, Microsoft said, was “enhanced reliability without sacrificing security.”
The announcement follows a Sept. 10 meeting between Microsoft and other cybersecurity companies to discuss deploying updates safely and alternatives to kernel access.
Get the Singapore Edition newsletter in your inbox.
Go beyond the headlines with insights into one of Asia’s most dynamic economies. Delivered weekly.
Bloomberg may send me offers and promotions.
Sign Up
By submitting my information, I agree to the Privacy Policy and Terms of Service.
Microsoft’s statement comes less than two months after CrowdStrike pushed out an update that crashed millions of Windows computers, crippling airports, banks, stock exchanges and businesses around the world. The outage touched off a debate over whether cybersecurity firms should be allowed to operate at the kernel level of Microsoft Windows systems because of the risks associated with such core access.
Microsoft said in a blog post announcing the work that the latest version of its Windows operating system has made changes that allows cybersecurity companies to provide more “security capabilities” outside of kernel mode.
Following the meeting, some security firms see operating in this base layer as essential.
In a statement released by Microsoft, digital security firm Eset LLC said, “It remains imperative that kernel access remains an option for use by cybersecurity products to allow continued innovation and the ability to detect and block future cyberthreats.”
Drew Bagley, CrowdStrike’s vice president and counsel for privacy and cyber policy, said in the Microsoft statement, “We appreciated the opportunity to join these important discussions with Microsoft and industry peers on how best to collaborate in building a more resilient and open Windows endpoint security ecosystem that strengthens security for our mutual customers.”