The announcement follows a Sept. 10 meeting between Microsoft and other cybersecurity companies to discuss deploying updates safely and alternatives to kernel access.
Microsoft’s statement comes less than two months after CrowdStrike pushed out an update that crashed millions of Windows computers, crippling airports, banks, stock exchanges and businesses around the world. The outage touched off a debate over whether cybersecurity firms should be allowed to operate at the kernel level of Microsoft Windows systems because of the risks associated with such core access.
Microsoft said in a blog post announcing the work that the latest version of its Windows operating system has made changes that allow cybersecurity companies to provide more “security capabilities” outside of kernel mode.
Following the meeting, some security firms see operating in this base layer as essential.
See also: SAL launches ‘Mindful Business Movement’ to combat legal burnout
In a statement released by Microsoft, digital security firm Eset LLC said, “It remains imperative that kernel access remains an option for use by cybersecurity products to allow continued innovation and the ability to detect and block future cyber threats.”
Drew Bagley, CrowdStrike’s vice president and counsel for privacy and cyber policy, said in the Microsoft statement, “We appreciated the opportunity to join these important discussions with Microsoft and industry peers on how best to collaborate in building a more resilient and open Windows endpoint security ecosystem that strengthens security for our mutual customers.”
