Particle.news

Microsoft to Reduce Kernel Driver Use in Security Tools After CrowdStrike Crash

The move aims to enhance system resilience and prevent widespread outages caused by security software failures.

Overview

  • Microsoft confirms the CrowdStrike crash was due to a memory safety error in a kernel-mode driver.
  • Kernel drivers provide system-wide visibility and tamper resistance but pose risks if they fail.
  • Microsoft outlines steps to minimize kernel dependency, including enhanced isolation and zero trust approaches.
  • Security vendors are encouraged to balance kernel use with reliability to maintain system stability.
  • The CrowdStrike incident highlights the need for rigorous testing and controlled rollouts of security updates.