The CrowdStrike incident, which affected more than 8.5 million Windows PCs worldwide and forced users to face the “Blue Screen of Death,” made Microsoft sit down and revisit the resilience of its operating system.
As part of its post-CrowdStrike effort to make its security architecture more robust, the company is now prioritizing the reduction of kernel-level access for software applications, a move designed to enhance the overall security and resilience of the Windows operating system.
“This incident shows clearly that Windows must prioritize change and innovation in the area of end-to-end resilience,” John Cable, vice president of program management for Windows servicing and delivery, wrote in a blog post.
“Examples of innovation,” he added, “include the recently announced VBS enclaves, which provide an isolated compute environment that does not require kernel mode drivers to be tamper-resistant, and the Microsoft Azure Attestation service, which can help determine boot path security posture.”