Windows architecture is being rebuilt – third-party developers out of the kernel
Microsoft wants to ensure that security software providers can no longer hack into the kernel and cause serious problems there. The operating system is therefore being given a new intermediate layer.
Lessons from CrowdStrike
The planned changes are a direct result of the CrowdStrike incident. Problems in this provider’s security software caused numerous Windows systems to fail around the world some time ago. One problem was identified as the software being deeply embedded in the Windows kernel. The problem, however, is that security applications in particular can currently only perform their tasks if they have access to the kernel and have extensive rights. What a viable solution for the future could look like has now been discussed with partners such as CrowdStrike, Broadcom, Sophos and Trend Micro, reported the US magazine The Verge.
The outcome of the talks will likely result in the Windows architecture being redesigned to provide a new layer above the kernel to which such software can dock. “Both our customers and our ecosystem partners have asked Microsoft to provide additional security features outside of kernel mode, which, when combined with secure deployment practices, can enable highly available security solutions,” said David Weston, Vice President of Enterprise and Operating System Security at Microsoft.
Not the first attempt
Microsoft also discussed the performance requirements and challenges for security vendors to operate outside of kernel mode, as well as the need for tamper protections and security sensor requirements. “Microsoft’s next step will be to continue to develop this new platform with input and in collaboration with partners to achieve the goal of improved reliability without sacrificing security,” Weston said. Although Microsoft is not saying outright that it will close access to the Windows kernel, that is likely to be the result. A similar attempt by Microsoft in 2006 with Windows Vista met with significant resistance from cybersecurity vendors and regulators at the time, but now there appears to be more openness.
Digital marketing enthusiast and industry professional in Digital technologies, Technology News, Mobile phones, software, gadgets with vast experience in the tech industry, I have a keen interest in technology, News breaking.
