Microsoft is planning changes to Windows after the CrowdStrike incident

Microsoft has announced that significant changes are needed to improve the resilience of its Windows operating system following a major CrowdStrike incident affecting millions of PCs.

Here's What We Know

John Cable, Microsoft's vice president of programme management for Windows maintenance and delivery, highlighted the need for "end-to-end resilience" in a blog post. This could mean a change in Microsoft's approach to third-party developer access to the Windows kernel.

Cable pointed to recent innovations such as VBS enclaves and Azure Attestation as examples of security measures that don't depend on access to the kernel. The move to a Zero Trust approach could have major implications for the cybersecurity industry and Windows users around the world.

Earlier, a Microsoft spokesperson said that a 2009 agreement with the European Commission prevented the company from restricting third-party developers' access to core Windows features. The move could change the balance between system security and the needs of Microsoft's security partners.

Source: Microsoft