July 22, 2024 at 09:05AM
Microsoft is facing questions regarding third-party software like CrowdStrike running at a low level in the Windows kernel, sparking fallout in the tech industry. The 2009 undertaking with the European Commission may have contributed to this situation, as it sought to provide equal access to third-party security vendors. However, closer examination of the underlying architecture is warranted.
Based on the meeting notes, it appears that there are concerns about third-party software, such as CrowdStrike, running at a low level in the Windows kernel. This has raised questions about whether the 2009 undertaking with the European Commission may have contributed to the lack of protection for the Windows kernel compared to other operating systems. The agreement was focused on interoperability and aimed to give third-party security vendors the same access as Microsoft’s own products. However, it is noted that Microsoft could have created an out-of-kernel API for security vendors to use, rather than allowing them to run at such a low level in the kernel. There are concerns about the potential mayhem that could occur if something goes wrong with third-party software at this level.
The Wall Street Journal’s report points to the 2009 undertaking as a reason for the current architecture that allows third-party software to run deeply integrated with the Windows kernel. It is also noted that Microsoft has not yet responded to inquire if this still represents the company’s stance on the impact of third-party software on the Windows operating system.