Microsoft considers surprising change to prevent future outages

By Judy Sanhz Published July 26, 2024

The Blue Screen of Death seen on a laptop. — Maxim Tolchinskiy / Unsplash

The massive IT outage from last weekend was not a bad look for CrowdStrike — but Microsoft too. To avoid future large-scale issues, Microsoft is evaluating blocking third-party security software from accessing the Windows Kernel, according to a blog post by John Cable, VP of program management for Windows servicing and delivery.

If this change were to be put in place, the restriction would imitate Apple’s 2020 move, which limited third-party software from accessing its core operating system. The change was introduced in macOS Big Sur, ensuring that every system partition (or volume) that contains the core operating system is cryptographic verified, down to every last file. The goal, of course, is preventing changes from third-party entities that could melt down the whole system. Sound familiar?

Recommended Videos

Of course, it’s a change easier said than done. Microsoft attempted to do exactly this in 2006 with Windows Vista, preventing third parties from having kernel access. However, the plan failed due to resistance from EU regulators and complaints from — you guessed it — cybersecurity vendors.

In the blog post, John Cable states, “Examples of innovation include the recently announced VBS enclaves, which provide an isolated compute environment that does not require kernel mode drivers to be tamper resistant, and the Microsoft Azure Attestation service, which can help determine boot path security posture.” He goes on to state that they will continue to develop these capabilities and enhance the resiliency of the Windows ecosystem.

In theory, by preventing security software from accessing the kernel, Windows would never again experience the worldwide outage it recently experienced, and that caused 8.5 million PCs to crash due to a CrowdStrike bug. The downside, of course, is that preventing kernel access would also mean that the security software would not be able to monitor for any potential threats. After all, moving in this direction doesn’t mean that other types of attacks are impossible.

Let’s be clear: Microsoft did not confirm that this is the path it will take from now on. But this blog post certainly threw the idea in the air, and that’s significant. More than ever before, there may be a stronger incentive to consider locking down Windows now that we’ve seen the wreckage of the situation.

Topics

Computing Writer

Judy Sanhz is a Digital Trends computing writer covering all computing news. Loves all operating systems and devices.

Computing

CrowdStrike denies responsibility for Delta airline outage

delta air lines computer issues

According to a recent posting by The Wall Street Journal, cybersecurity firm CrowdStrike is pushing back against Delta Airlines and claims that it was not responsible for the airline's days-long outage. CrowdStrike calls the $500 million lawsuit meritless. Despite hiring prominent lawyer David Boise, Delta Airlines will allegedly face some difficult questions.

"Should Delta pursue this path, Delta will have to explain to the public, its shareholders, and ultimately a jury why CrowdStrike took responsibility for its actions—swiftly, transparently, and constructively—while Delta did not," wrote Michael Carlinsky, an attorney at law firm Quinn Emanuel Urquhart & Sullivan. Despite the airlines being hit the hardest, Delta's competitors were able to get back on their feet much faster, only being offline for a couple of days, while Delta continued to have problems well into the following week.

Computing

Microsoft is backpedaling on future Windows 10 updates

The Windows Update screen in Windows 10.

Windows 10 is on its way out, with support ending in October 2025. That isn't changing, though Microsoft's approach to rolling out new features in the meantime definitely has. In a surprising move, Microsoft announced in a June 4 Windows Insider Blog post that it is bringing a Beta Channel for those Windows Insiders currently running on Windows 10 version 22H2.

This means that despite the end of support, Windows 10 users will continue to get some new features that were initially restricted to Windows 11, such as the new Copilot app. It's also possible that other features may be on the way, but Microsoft has not released any further information on the subject. It was originally stated that Windows 10 version 22H2 would be its final feature update, but that appears to not be true anymore.

Computing

This secret Microsoft Edge feature changed the way I work

A photo of Microsoft Edge running on a Windows laptop

Microsoft Edge is my go-to web browser. As aggressive as Microsoft might be with pushing Edge on Windows 11 users over alternatives like Firefox and Google Chrome, it sure is useful compared to its competition.

Jam-packed with AI features thanks to Copilot and even memory-saving features like sleeping tabs, it's hard for me to use any other browser but Edge. But one thing I love about the browser is a secret feature that's pretty well kept in the sidebar — and it's called Drop.
Changing how I transfer files

nproxy.org