Source URL: https://tech.slashdot.org/story/25/06/26/1650259/microsoft-moves-antivirus-software-out-of-windows-kernel-to-prevent-crowdstrike-style-crashes?utm_source=rss1.0mainlinkanon&utm_medium=feed
Source: Slashdot
Title: Microsoft Moves Antivirus Software Out of Windows Kernel To Prevent CrowdStrike-Style Crashes
Summary: Microsoft is set to roll out a private preview of a new Windows endpoint security platform that significantly modifies how antivirus and endpoint detection and response applications interact with the Windows kernel. This initiative, developed in collaboration with various security vendors, follows a major incident where a faulty update led to significant disruptions across Windows systems.
Detailed Description: The upcoming changes move antivirus and endpoint detection and response (EDR) software out of the Windows kernel, a significant shift in how such software operates within the operating system. The effort is both a response to past failures and a proactive step toward a more robust security architecture.
– **Collaboration with Security Vendors**: The development of the new security platform involves partnerships with notable security firms, including CrowdStrike, Bitdefender, ESET, and Trend Micro. This collaboration aims to harness diverse expertise and improve overall security mechanisms in Windows.
– **Private Preview**: The private preview will give selected security vendors the opportunity to examine the new platform and provide feedback or request modifications before it is officially released. This iterative approach allows for enhanced scrutiny and refinement of security measures.
– **Background Context**: This initiative follows a significant incident in which a faulty CrowdStrike update affected 8.5 million Windows-based machines. An outage of that scale underscores the importance of isolating third-party security components from the operating system kernel.
– **Design Requirements**: Microsoft’s engagement with numerous partners has resulted in an extensive collection of design requirements. Some submissions have reportedly stretched into hundreds of pages, indicating the complexity and significance of the updates being proposed.
Overall, this development signals a critical evolution in Windows security architecture, with implications for how endpoint protection will function across large installations. That matters for IT security professionals navigating compliance and governance in a rapidly changing technological landscape. The emphasis on collaboration and vendor involvement suggests a more integrated and responsive security ecosystem moving forward.