
Microsoft rolls out Windows security changes to prevent another CrowdStrike meltdown


Elyse Betters Picaro / ZDNET

The CrowdStrike meltdown of July 2024 was a nightmare for network administrators worldwide, disrupting healthcare systems, cutting off access to banking systems, and grounding aircraft. All in all, the event caused billions of dollars in direct and indirect damages, and it was entirely preventable.


In response, Microsoft convened a security summit, bringing together technical experts from CrowdStrike and its competitors in the endpoint security software business. That meeting led to an announcement late last year of a new set of Safe Deployment practices and some changes to the architecture of Windows desktop and server products, with the goal of preventing a similar incident from ever happening again.

No more kernel drivers?

Today, the company announced that some of those Windows Resiliency Initiative features are about to go live. In July, the company said, it will deliver a private preview of the new Windows endpoint security platform to a set of its partners who have signed on to the Microsoft Virus Initiative 3.0 program. The biggest change is the one that most security experts had recommended -- moving third-party security drivers out of the Windows kernel and running them in user space instead. A kernel-mode driver runs at the same privilege level as Windows itself, with no fault isolation around it, so a memory error in the driver brings down the whole machine, and if the driver loads early in boot the crash can recur on every restart. The same error in a user-mode agent kills only that agent's process, which can be restarted or rolled back while the operating system keeps running.

The new Windows capabilities will allow them to start building their solutions to run outside the Windows kernel. This means security products like antivirus and endpoint protection solutions can run in user mode just as apps do. This change will help security developers provide a high level of reliability and easier recovery, resulting in less impact on Windows devices in the event of unexpected issues.
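To see which kernel-mode drivers a given host currently loads from vendors other than Microsoft, and so which components this change would eventually move out of the kernel, the following PowerShell inventory is an added example written for this page; it is not from the article, from Microsoft, or from any vendor named above. It assumes a Windows host, an elevated PowerShell 5.1 or later session, and driver binaries that are readable on disk; the function names and the company-name heuristic are choices made here, not anything the page defines.

```powershell
function Get-KernelDriverInventory {
    # Enumerate drivers that are currently loaded. Win32_SystemDriver lists
    # kernel-mode and file-system drivers, not user-mode services.
    $drivers = Get-CimInstance -ClassName Win32_SystemDriver |
        Where-Object { $_.State -eq 'Running' -and $_.PathName }

    foreach ($d in $drivers) {
        # Normalise the two path forms the service database may hold
        # ("\??\C:\..." and "\SystemRoot\...") into a plain file-system path.
        $path = $d.PathName -replace '^\\\?\?\\', ''
        $path = $path -replace '^\\SystemRoot\\', "$env:SystemRoot\"
        if (-not (Test-Path -LiteralPath $path)) { continue }

        $info    = (Get-Item -LiteralPath $path).VersionInfo
        $sig     = Get-AuthenticodeSignature -FilePath $path
        $signer  = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
        $company = if ($info.CompanyName) { $info.CompanyName.Trim() } else { '(unknown)' }

        [pscustomobject]@{
            Name      = $d.Name
            Display   = $d.DisplayName
            Company   = $company      # from the binary's version resource
            Signer    = $signer       # primary Authenticode signer, if any
            SigStatus = $sig.Status   # Valid, NotSigned, HashMismatch, ...
            Path      = $path
        }
    }
}

function Get-ThirdPartyKernelDrivers {
    # Key on the binary's CompanyName rather than on the Authenticode signer:
    # third-party kernel drivers are normally signed by Microsoft through the
    # hardware compatibility / attestation process, so the signer alone would
    # make vendor drivers look like Microsoft's own. Binaries with no company
    # name are kept as "(unknown)" so they show up for review rather than
    # being silently dropped.
    Get-KernelDriverInventory |
        Where-Object { $_.Company -notmatch '^Microsoft' }
}

# Usage (hypothetical invocation): list non-Microsoft kernel drivers by vendor.
Get-ThirdPartyKernelDrivers |
    Sort-Object Company, Name |
    Format-Table Company, Name, Display, SigStatus, Path -AutoSize
```

The `State -eq 'Running'` filter shows what is loaded right now; drop it to see drivers that are installed but currently stopped. Any row whose `SigStatus` is not `Valid` deserves a closer look regardless of vendor, and the company-name match is a heuristic, so treat the output as a starting point for an inventory rather than an authoritative list.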

The announcement includes supportive quotes from some of those partners, including Bitdefender, ESET, SentinelOne, Trellix, Trend Micro, WithSecure, and -- naturally -- CrowdStrike.


Last year, following the security summit, ESET had been blunt about the prospect of changes to the endpoint security platform: "It remains imperative that kernel access remains an option for use by cybersecurity products," the company wrote in an unsigned statement. This year's remarks are more collegial but still not quite a ringing endorsement:
