Now there's an idea – parsing config data in user mode
Microsoft has vowed to reduce cybersecurity vendors' reliance on kernel-mode code, which was at the heart of the CrowdStrike super-snafu this month. a technical incident response write-up on Saturday – titled "Windows Security best practices for integrating and managing security tools" – in which veep for enterprise and OS security David Weston explained how Microsoft measured the impact of the disaster: By accessing crash reports shared by customers.
This is because Windows kernel mode is a powerful, trusted environment in which code runs close to the hardware and there isn't much in the way of guardrails; it's the software that manages your devices, keeps CPU cores busy with work from applications, and keeps programs and users separate from each other as needed, among other tasks.
And especially in the case of CrowdStrike, in which its digitally signed driver-level code – ordinarily approved by Microsoft – is extended by data files pushed out in the form of updates; one rogue update will undo whatever trust Windows had in CrowdStrike's kernel-level code.'
That arrangement, he suggested, "demonstrates the best practice of minimizing kernel usage while still maintaining a robust security posture and strong visibility."
This is also a good time to note that CrowdStrike did try to test its bad update before its release, though that validation pipeline, flag up, and block the corrupted data from going out to everyone.