{"id":1495,"date":"2024-09-14T07:37:56","date_gmt":"2024-09-14T07:37:56","guid":{"rendered":"https:\/\/www.batteriesglobal.co.uk\/batterynews\/?p=1495"},"modified":"2024-09-14T07:37:56","modified_gmt":"2024-09-14T07:37:56","slug":"microsoft-announces-new-windows-security-update-programme","status":"publish","type":"post","link":"https:\/\/www.batteriesglobal.co.uk\/batterynews\/archives\/1495","title":{"rendered":"Microsoft announces new Windows security update programme"},"content":{"rendered":"\n

It’s been nearly two months since a CrowdStrike outage caused Microsoft<\/a> Windows machines around the world to crash.<\/p>\n\n\n\n


CrowdStrike itself has investigated why the incident occurred, and Microsoft released its own analysis shortly after. While most in the industry agree that the CrowdStrike outage was not Microsoft’s fault, it has led some to question whether the company should have allowed security products to have kernel-level access. <\/p>\n\n\n\n

>>>>>>>>>>Microsoft Surface Laptop Studio 1964 – Battery G3HTA071H 4948mAh<\/a><\/p>\n\n\n\n

\"\u5fae\u4fe1\u622a\u56fe_20240914152753.png\"\/<\/a><\/figure>\n\n\n\n

That was one of the topics discussed at the Windows Endpoint Security Ecosystem Summit on 10 September between Microsoft, government officials and cybersecurity companies. Kernel-level access allows security products to work at the deepest level, thereby increasing their effectiveness. However, Apple doesn’t provide this level of access because it says it could also be a security risk.<\/p>\n\n\n\n


Kernel-level access allows security products to work at the deepest level, increasing their efficacy. Yet Apple does not offer this level of access, because it says this can also be a security risk. <\/p>\n\n\n\n

>>>>>>>>>>Microsoft Surface Pro X 13″ Tablet – Battery G3HTA056H 5039mAh<\/a>
In Microsoft\u2019s case, the thinking is that reducing access to the kernel would mean an update to a security product such as CrowdStrike would not cause the whole Windows system to crash. The meeting comprised Microsoft, government officials and Microsoft Virus Initiative partners \u2014 companies that develop endpoint protection and additional security products for Windows.
The group discussed safe deployment practices at Microsoft and shared best practices as a community, including sharing data, tools and documented processes. \u201cWe face a common set of challenges in safely rolling out updates to the large Windows ecosystem, from deciding how to do measured rollouts with a diverse set of endpoints to being able to pause or rollback if needed,\u201d Weston said.<\/p>\n\n\n\n


A core SDP principle is \u201cgradual and staged deployment of updates sent to customers.\u201dThis is something CrowdStrike did not do with its Rapid Response content before the July incident, but staged deployment for all updates are now in place. <\/p>\n\n\n\n

Outside Of Kernel Mode<\/strong>
The conversation also explored new platform capabilities Microsoft plans to make available in Windows. For example, Windows 11\u2019s \u201cimproved security posture and security defaults enable the platform to provide more security capabilities to solution providers outside of kernel mode.\u201d<\/p>\n\n\n\n

Microsoft said customers and ecosystem partners think it\u2019s a good idea to provide additional security capabilities outside of kernel mode \u201cwhich, along with SDP, can be used to create highly-available security solutions.\u201dAs a next step, Microsoft will continue to design and develop this new platform capability with input and collaboration from ecosystem partners to \u201cachieve the goal of enhanced reliability without sacrificing security,\u201d Weston said.Weston also highlighted the importance of having business continuity planning and a major incident response plan in place and \u201cbacking up data securely and often.\u201d <\/p>\n\n\n\n

Security Experts Respond<\/strong><\/p>\n\n\n\n


Security vendors are supportive of the Microsoft-led plans. For example, ESET said it \u201csupports modifications to the Windows ecosystem that demonstrate measurable improvements to stability, on condition that any change must not weaken security, affect performance, or limit the choice of cybersecurity solutions.\u201d <\/p>\n\n\n\n

However, the firm said it \u201cremains imperative that kernel access remains an option for use by cybersecurity products to allow continued innovation and the ability to detect and block future cyberthreats.\u201dSean Wright, head of application security at Featurespace, \u201capplauds Microsoft for holding this event and coming up with ideas,\u201d but says he thinks \u201caccountability sits with vendors.\u201d \u2018After all, it’s their update – they need to take responsibility,\u2019 he said. He stressed the importance of \u2018proper testing\u2019 and a \u2018more phased rollout\u2019 – two things that were found lacking in CrowdStrike’s botched July update. Wright said kernel access is important for these products to work properly and be fully functional. He noted that \u2018a very similar problem happened with CrowdStrike on Linux a few months ago.\u2019 It’s worth noting, Wright said, that multiple vendors have had this access for years with only one major incident. \u2018So, yes, the CrowdStrike issue is serious, but it’s extremely rare. I think it’s important to keep that in mind.\u2019 <\/p>\n\n\n\n

<\/p>\n\n\n\n

>>>>>>>>>>Microsoft Surface Pro 8 1982 1983 – Battery 96BTA016H 4414mAh<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

It’s been nearly two months since a CrowdStrike outage caused Microsoft Windows machines around the world to crash. CrowdStrike itself has investigated why the incident occurred, and Microsoft released its own analysis shortly after. While most in the industry agree that the CrowdStrike outage was not Microsoft’s fault, it has led some to question whether…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0},"categories":[1],"tags":[437,461],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.batteriesglobal.co.uk\/batterynews\/wp-json\/wp\/v2\/posts\/1495"}],"collection":[{"href":"https:\/\/www.batteriesglobal.co.uk\/batterynews\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.batteriesglobal.co.uk\/batterynews\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.batteriesglobal.co.uk\/batterynews\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.batteriesglobal.co.uk\/batterynews\/wp-json\/wp\/v2\/comments?post=1495"}],"version-history":[{"count":1,"href":"https:\/\/www.batteriesglobal.co.uk\/batterynews\/wp-json\/wp\/v2\/posts\/1495\/revisions"}],"predecessor-version":[{"id":1496,"href":"https:\/\/www.batteriesglobal.co.uk\/batterynews\/wp-json\/wp\/v2\/posts\/1495\/revisions\/1496"}],"wp:attachment":[{"href":"https:\/\/www.batteriesglobal.co.uk\/batterynews\/wp-json\/wp\/v2\/media?parent=1495"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.batteriesglobal.co.uk\/batterynews\/wp-json\/wp\/v2\/categories?post=1495"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.batteriesglobal.co.uk\/batterynews\/wp-json\/wp\/v2\/tags?post=1495"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}