Will it disallow access to the Windows kernel by security products? Not right now, but the path could lead there.
Microsoft held a security conference earlier this week at its Redmond headquarters. It invited business partners, especially those in the security field, to participate.
The hot topic during the conference was the CrowdStrike disaster that took down more than 8.5 million PCs worldwide or, more precisely, how to avoid a repeat of it in the years to come.
David Weston, Vice President Enterprise and OS Security at Microsoft, published a summary of the event on the Microsoft Windows blog.
The main short-term takeaways:
- Microsoft and security vendors agree that choice is good when it comes to security products for Windows.
- A list of best practices for developing and distributing security updates will be created, based on the discussion of Safe Deployment Practices.
- Other areas of improvement include testing, information sharing, and improved incident response effectiveness.
For the long term, Microsoft plans to extend the Windows platform to provide “security capabilities outside of kernel mode”.
Microsoft will design and develop the new platform in collaboration with “ecosystem partners”. The goal is “enhanced reliability without sacrificing security” according to Microsoft.
The blog post ends with several partner quotes, in which everyone says they appreciated the opportunity to discuss security. Reading between the lines, several expressed concern that security could suffer, especially if kernel access were revoked.
Closing Words
It will take some time before changes, even the discussed short-term changes, are applied. While Microsoft said nothing about pushing security products out of the kernel on Windows, some are already worried that Microsoft could create a solution that benefits its own products over everyone else’s.
It would not be the first time in the history of Windows.
What is your take on this development? It should be clear that something needed to be done to avoid another scenario that would cause millions of PCs to go down in flames. Are the proposed changes the right way?
First of all, our data is the product.
The only way to be 100% secure online is to give up 100% of our privacy and I hope no one is willing to pay that price.
Why would M.$ not prioritize its own products when creating a better security solution? Google, Apple, Linux, they all do the same. They are all in it for the money, not for philanthropic reasons.
What do I think? Nadella and his “empowered” employees have let Microsoft run amuck for too long. Nadella’s hands-off management style and lack of vision are coming back to haunt him. It started when Nadella said, when asked about pay equity, that “women are paid with karma.” It multiplied when he fired the human quality assurance/testing team and became over-reliant on machine learning for deciding on the reliability of the Patch Tuesday updates. And it is now spiraling out of control with all the security breaches Microsoft has had this decade.
The buggy update from CrowdStrike is CrowdStrike’s problem, and CrowdStrike is the entity that needs to fix it. All Microsoft is doing is trying to save face. If there is a German equivalent of the cliche “the pot calling the kettle black,” that is exactly what I think this scenario is.