Microsoft Focuses on Kernel-Level Security After CrowdStrike Incident

“Ideally, such privileged access should be strictly regulated, ensuring that properly tested, digitally signed, and limited-privilege software is used,” Varkey added. “It is also important that the operating system vendor is transparent to its partners about their potential vulnerabilities and risks, which could impact kernel stability.”

However, the CrowdStrike incident, with its catastrophic impact, appears to have given Microsoft enough impetus to bring this conversation back to the table.

“Microsoft’s decision to block third-party access to the kernel could reduce the potential risk of such incidents,” Varkey said. “However, any third-party vendors that currently have kernel access privileges may need to find a new approach in collaboration with operating system vendors to achieve their goal.” Otherwise, security solutions offered by operating system vendors could become the default and only solution, Varkey added.