微软提到,“上月发生的CrowdStrike故障给我们生态系统提供了重要的经验教训,我们的讨论将集中在提高安全性和安全部署实践、设计具有弹性的系统、探索共同合作的方式,以提供最佳的服务。”The press release stated that Microsoft and crowdstrike will come together with key partners in endpoint security technology to discuss how to improve recovery capabilities and protect the critical infrastructure of shared customers. In July, computers around the world that use Microsoft Windows crashed due to a security software update from crowdstrike, causing a widespread blue screen crash failure.
On Friday (August 23), local time, according to Caixin, it was announced in an official blog that the Windows endpoint security ecosystem summit will be held at the Redmond headquarters in Washington state on September 10. $Microsoft (MSFT.US)$ The press release stated that Microsoft and the cybersecurity company will come together with key partners in endpoint security technology to discuss how to improve recovery capabilities and protect the critical infrastructure of shared customers.
Microsoft mentioned, 'The crowdstrike failure that occurred last month provided important lessons for our ecosystem, and our discussions will focus on improving security and deployment practices, designing resilient systems, and exploring ways of collaboration to provide the best services.' $CrowdStrike (CRWD.US)$ The press release stated that Microsoft and crowdstrike will come together with key partners in endpoint security technology to discuss how to improve recovery capabilities and protect the critical infrastructure of shared customers.
Microsoft mentioned, 'The crowdstrike failure that occurred last month provided important lessons for our ecosystem, and our discussions will focus on improving security and deployment practices, designing resilient systems, and exploring ways of collaboration to provide the best services.'
In July, computers around the world using Microsoft Windows crashed due to an update of the security software CrowdStrike, causing a large-scale blue screen crash failure and disrupting the operation of various industries such as aviation, railroads, marine transportation, finance, medical, and hotels.
The work and lives of many enterprises and individual users have been severely disrupted. Delta Air Lines CEO Bastian once stated that this "largest IT failure in history" caused thousands of customers to be stranded, resulting in a loss of 0.5 billion US dollars for the company.
Microsoft executives revealed to the media that the purpose of this meeting is to discuss how to prevent similar issues in the future. Participants will explore the possibility of applications relying more on the user mode rather than the more advanced kernel mode.
Applications in user mode are isolated, which means that if one of them crashes, other applications will not be affected. However, if an application in kernel mode fails, it may cause the entire Windows system to crash.
However, in order to achieve effective protection, security products need to use more low-level drivers and kernel technologies to implement proactive defenses against attackers. Therefore, endpoint protection software such as CrowdStrike, Check Point, and SentinelOne rely on kernel mode.
Previously, Apple had restricted kernel access in macOS and discouraged developers from using kernel extensions. In response to this, the unnamed Microsoft executive stated that removing kernel access permission in Windows would only solve a small part of the potential problems.
Microsoft executives also revealed that the September 10th event will discuss the use of eBPF (extended Berkeley Packet Filter) technology, as well as memory-safe programming languages such as Rust. Last year, Microsoft donated 1 million dollars to the Rust Foundation.
The press release also stated that in addition to ecosystem partners, Microsoft will also invite government representatives to participate in the conference to ensure the highest transparency in community collaboration. It is expected that the Windows Endpoint Security Ecosystem Summit will lead to short-term and long-term actions and initiatives.
Editor/Somer
