Microsoft Lowballs CrowdStrike Outage Impact

July 29, 2024 at 04:40PM

Microsoft revised the estimate of machines crashing due to the CrowdStrike Falcon outage, stating that the previous number of 8.5 million was too low. The company aims to reduce infosec vendors’ reliance on kernel drivers and emphasized the need to balance the benefits and risks of using such drivers for security purposes.

Key takeaways from the meeting notes:

– Microsoft believes its previous estimate of 8.5 million machines crashing due to the CrowdStrike Falcon outage is too low, noting that not every customer opts to share crash reports.
– The company has promised to reduce infosec vendors’ reliance on kernel drivers in response to the outage.
– David Weston, vice president of enterprise and OS security at Microsoft, detailed in a blog post that the company accessed crash reports voluntarily shared by customers to measure the impact of the incident.
– Weston argued that kernel drivers like those employed by CrowdStrike can improve performance and prevent software tampering, but that it is essential to carefully balance these advantages against the potential downsides.
– He believes that if security vendors can strike the right balance, organizations can minimize kernel usage while maintaining a strong security position.
