Microsoft shifts focus to kernel-level security after CrowdStrike incident

Finger pressing windows button



Ideally, such privileged access should be governed stringently, ensuring adequately tested, digitally signed software with limited privileges is used,” Varkey added.  “It is also important for the OS vendor to be transparent to its partners on their potential vulnerabilities and risks, which could impact the stability of the Kernel.”

However, the CrowdStrike incident, with its catastrophic impact, seems to have given enough push for Microsoft to bring that conversation back to the table.

“Now, Microsoft’s decision to block kernel-level access to third parties could reduce the potential risk of such incidents,” said Varkey. “However, all third-party vendors currently having kernel access privileges may have to find a new approach in collaboration with OS vendors to achieve their objective.” Otherwise, security solutions offered by OS vendors may become the default and the only solution, Varkey added.



Source link
lol

Ideally, such privileged access should be governed stringently, ensuring adequately tested, digitally signed software with limited privileges is used,” Varkey added.  “It is also important for the OS vendor to be transparent to its partners on their potential vulnerabilities and risks, which could impact the stability of the Kernel.” However, the CrowdStrike incident, with its…

Leave a Reply

Your email address will not be published. Required fields are marked *