Microsoft Reveals New Windows Security Update Plans

In response to the CrowdStrike outage that affected Microsoft Windows machines globally, Microsoft convened the Windows Endpoint Security Ecosystem Summit on September 10. The incident raised concerns about allowing security products kernel-level access, which can enhance efficacy but also pose security risks. During the summit, Microsoft, government officials, and cybersecurity companies discussed the need for improved resiliency and shared best practices for software updates and disruptions. A core principle established was the gradual and staged deployment of updates, a practice that CrowdStrike had not previously implemented. Microsoft emphasized the importance of enhancing security capabilities outside of kernel mode, which could lead to more reliable security solutions without compromising overall system integrity. This approach aims to prevent future incidents similar to the CrowdStrike outage. Security vendors expressed support for Microsoft's plans, with ESET highlighting the necessity of maintaining kernel access for cybersecurity innovation. They stressed that any modifications to the Windows ecosystem should not weaken security or limit options for users. Sean Wright from Featurespace pointed out that accountability lies with vendors, who must ensure appropriate testing and staggered rollouts to avoid issues like those experienced by CrowdStrike. Overall, the summit marked a significant step towards enhancing the security framework of Windows systems, with a focus on collaboration among stakeholders to create a more resilient and secure environment for users.