Microsoft Plans to Reduce Kernel-level Operations for Cybersecurity Vendors Post-outage

Microsoft (NASDAQ:MSFT) announced it is developing a new platform aimed at helping cybersecurity firms operate without accessing the kernel mode of its Windows operating system.

Bloomberg reported that the company’s move comes after an incident in July when an update from CrowdStrike Holdings (NASDAQ:CRWD) caused a widespread outage affecting millions of Windows computers.

On Tuesday (September 10), Microsoft held a meeting with cybersecurity firms to discuss the potential risks of allowing third-party security vendors to access the kernel, the core part of its operating system.

During this meeting, discussions focused on finding ways to reduce the likelihood of future incidents similar to the July outage, which disrupted operations for several industries, including airlines, banks and healthcare providers.

This sparked a debate about whether security vendors should have access to the kernel, as such access carries significant risks when updates or other changes malfunction. The kernel is the core component of an operating system that manages system resources and facilitates communication between hardware and software.

Microsoft is now seeking to find alternative ways for cybersecurity companies to operate while protecting customers. The company will be designing and developing new systems to address concerns raised by both customers and partners. It intends to offer greater reliability without compromising the security functions required by cybersecurity firms.

By moving away from kernel-level operations, Microsoft hopes to reduce the possibility of global outages while still providing robust protection against cyber threats.

Company executive David Weston reiterated this stance during a cybersecurity summit, stating that collaboration with industry players is essential for ensuring a safer and more reliable digital environment. “Both our customers and ecosystem partners have called on Microsoft to provide additional security capabilities outside of kernel mode which, along with safe deployment practices, can be used to create highly available security solutions,” he said.

Weston added that the company is committed to working with cybersecurity vendors to develop solutions that protect users while minimizing risks associated with kernel access.

CrowdStrike, which was at the center of the July incident, expressed its willingness to participate in ongoing discussions with Microsoft and other industry leaders to improve cybersecurity protocols.

The July incident impacted approximately 8.5 million devices, leading to widespread disruptions.

Delta Air Lines (NYSE:DAL), one of the companies most affected by the outage, has since announced that it is pursuing legal action against both CrowdStrike and Microsoft. The airline estimates that the outage cost it more than US$500 million due to flight cancellations and other operational challenges.

Don't forget to follow us @INN_Technology for real-time updates!

Securities Disclosure: I, Giann Liguid, hold no direct investment interest in any company mentioned in this article.