Microsoft Considers Limiting Kernel Access

In response to a recent IT outage caused by a buggy update from CrowdStrike, affecting 8.5 million PCs, Microsoft is considering restricting third-party access to the Windows kernel to enhance system resilience. This move would follow Apple's 2020 strategy of limiting kernel access in macOS for improved security. John Cable, Microsoft VP, highlighted alternatives like VBS enclaves and Microsoft Azure Attestation service that provide security without requiring kernel mode drivers. Despite potential pushback from cybersecurity vendors and regulators, Microsoft aims to prioritize innovations that enhance the Windows ecosystem's security. The company emphasizes closer collaboration with partners to ensure end-to-end resilience and prevent future large-scale disruptions.