Microsoft is developing tools to prevent another global IT outage like the one caused by a CrowdStrike update in July, which disabled approximately 8.5 million Windows devices. The tools are meant to ensure security vendors can operate outside the core Windows operating system.
The initiative was discussed at a cybersecurity summit held Tuesday at Microsoft's Redmond headquarters. The summit gathered representatives from government agencies and major security vendors, including CrowdStrike, Broadcom, and Sophos. Microsoft emphasized that long-term measures are being explored to strengthen network resilience and cybersecurity.
David Weston, Microsoft's vice president of enterprise and operating system security, revealed that many partners have requested tools that allow their products to run outside the Windows kernel. This change would provide stronger anti-tampering protections and improve performance while adhering to secure-by-design principles.
The July outage occurred when a faulty content update was pushed directly to the Windows kernel, which controls the operating system's essential functions. Security vendors often use this kernel access to enhance the efficiency of their tools, but it also opens the door to widespread issues when problems arise. Microsoft's move to develop solutions that reduce this dependency aims to mitigate such risks in the future.
Microsoft did not provide a timeline for releasing these new security features, but it will continue gathering feedback from its partners throughout the development process.