Microsoft wants to make prolonged CrowdStrike outages impossible, which could lead to big changes to security software.

The recent CrowdStrike outage caused 8.5 million computers to fail, affected millions of people, and potentially cost businesses billions of dollars. Considered by many as the “digital pandemic,” the outage has sparked a backlash from CrowdStrike, Microsoft and security experts. The outage was due to a CrowdStrike bug, and Microsoft is looking for features that could cause similar outages in the future.

“The recent CrowdStrike incident underscores the need for critical resiliency within each and every organization and our unique ability for the change required,” said John Cable, vice president of program control for Windows Maintenance and Delivery at Microsoft.

CrowdStrike and some other security software run at the kernel level in Windows 11. This configuration gives security tools like CrowdStrike access to a PC’s memory and parts of the operating system that are normally closed to other applications. Kernel access allows software to monitor a system, but it also means that a faulty driver in something like CrowdStrike can cause a PC to crash.

Cable explained that the recent CrowdStrike outage “makes it clear that Windows wants to prioritize updating and innovation in the end-to-end resiliency space.” While Cable did not specifically claim that Microsoft would remove kernel access from security software, the examples he shared are for security strategies that do not require the Windows kernel.

VBS enclaves, highlighted by Cable, do not require access to the kernel. The Microsoft Azure Attestation service is another security measure that can protect systems without exposing a PC to the same dangers presented by an application with kernel access.

“These examples use trendy Zero Trust approaches and show what can be done to inspire progression practices that don’t rely on kernel access,” Cable said. “We will continue to build on those capabilities, our platform, and do even more to improve the resilience of the Windows ecosystem, working in a brazen and collaborative manner with the broader security community.”

If Microsoft stopped allowing security programs to access the kernel, a faulty update to CrowdStrike or some other application wouldn’t cause PCs to crash. Of course, other types of attacks would still be possible, as cybersecurity is incredibly complex, but the specific type of issue that caused the CrowdStrike outage would not be possible.

The CrowdStrike outage was an incident in which 8.5 million PCs crashed and displayed the “Blue Screen of Death” (BSoD). The incident caused planes to be grounded, banks to crash and emergency services to break down. This is one of the largest outages of this type on record and will most likely have serious consequences in several industries.

The outage was due to a buggy driver update sent by CrowdStrike, but the issue only affected Windows PCs. It is for this reason that some have referred to the incident as a “Microsoft outage.” While Microsoft is not directly to blame for the issue, it was the systems that ran the tech giant’s operating system that failed. Microsoft had to look for solutions.

Microsoft has released a CrowdStrike recovery tool, which has since been updated with multiple recovery methods.

Several memes were created about the CrowdStrike outage, and some people got a well-deserved day off, but the situation was dire. Most likely, billions of people have been affected by the disruption, at least indirectly. Businesses have also lost money due to the disruption of services.

Sean Endicott brings nearly a decade of experience covering Microsoft and Windows news to Windows Central. He joined our team in 2017 as an app reviewer and now leads our news coverage. If you have a tip or app to check out, send it to sean.endicott@futurenet.com.

Windows Central is from Future US Inc, a global media organization and leading virtual publisher.