Microsoft Plans Cyber Summit After CrowdStrike Crash

Microsoft will hold a cybersecurity summit on September 10, following the CrowdStrike update crash that affected 8.5 million devices.

Takeaway Points:

  • On September 10, Microsoft will hold a cybersecurity summit to discuss the recent global crash that was brought on by a defective update from CrowdStrike.
  • Following the July incident, which impacted 8.5 million Windows machines, Microsoft has considered blocking third-party kernel access, which could favour its own Defender program.
  • Modifications might affect software compatibility and require major revisions from security vendors, which would worry rivals and corporate clients.

Microsoft to host Cybersecurity Summit

Microsoft Corp. is organizing a meeting with cybersecurity companies, including CrowdStrike Holdings Inc., to address the recent global computer crash caused by a faulty content update. The summit is scheduled for September 10 at Microsoft’s headquarters in suburban Seattle. The primary agenda is to discuss best practices for deploying updates on Windows computers and to evaluate whether security firms should continue to have access to the kernel, the core of Microsoft’s Windows operating systems.

The meeting follows a significant incident in July when a flawed content update from CrowdStrike led to widespread outages of Windows systems, affecting businesses and markets globally. The crash disrupted air travel, banking operations, and other critical services. Since then, CrowdStrike has implemented extensive changes to its testing and deployment processes for content updates. Government representatives are also expected to attend the summit.

“We look forward to bringing our perspective to the discussions with Microsoft and industry and government stakeholders on the need for a more resilient ecosystem,” a CrowdStrike spokesperson stated.

Examining Security Redesign Issues

In response to the CrowdStrike incident, Microsoft is intensifying its efforts to make Windows more resilient to software errors. The company has been in talks with partners to adapt security procedures around its operating system to prevent similar issues in the future. 

Critics argue that these changes highlight shortcomings in Windows’ handling of third-party security software that could have been addressed earlier. However, these changes may also prove controversial among security vendors, requiring them to make significant adjustments to their products and forcing many Microsoft customers to adapt their software.

The July outages, which affected 8.5 million Windows devices and caused billions of dollars in damages, have increased scrutiny from regulators and business leaders. Microsoft is considering several options to enhance system stability, including potentially blocking access to the Windows kernel. This move could disadvantage third-party security software compared to Microsoft’s internal security product, Microsoft Defender.

“All of the competitors are concerned that [Microsoft] will use this to prefer their own products over third-party alternatives,” said Ryan Kalember, head of cybersecurity strategy at Proofpoint.

Potential Changes and Industry Impact

Microsoft may demand new testing procedures from cybersecurity vendors rather than modifying the Windows system itself. Apple, which was not affected by the outages, blocks all third-party providers from accessing the kernel of its macOS operating system, forcing them to operate in the more limited “user mode.”

Microsoft has previously stated it could not implement a similar approach due to an understanding with the European Commission in 2009 that required giving third parties the same access to its systems as Microsoft Defender.

Experts argue that this voluntary commitment to the EU does not prevent Microsoft from making the changes now under consideration. “These are technical decisions of Microsoft that were not part of [the arrangement],” said Thomas Graf, a partner at Cleary Gottlieb in Brussels. AJ Grotto, a former senior director for cybersecurity policy at the White House, added, “The text [of the understanding] does not require them to give access to the kernel.”

Blocking kernel access could enhance system resilience but may also bring “real trade-offs” for software compatibility, which has made Windows popular among business customers. “That would be a fundamental shift for Microsoft’s philosophy and business model,” said Forrester analyst Allie Mellen. Operating exclusively outside the kernel may reduce the risk of mass outages but could limit the effectiveness of security vendors’ products against hackers.
