The Windows kernel is about to receive a security-focused redesign after CrowdStrike crash

Alfonso Maruccia

Why it matters: The kernel is the core of a computer operating system. It runs at the highest privilege level, manages hardware and memory, and hosts device drivers, including the drivers that endpoint-security products load so they can inspect the system. A fault in any kernel-mode driver is a fault in the kernel itself; there is no process boundary to contain it, so the entire OS can behave erratically or simply halt with a BSOD. Microsoft has stated that it is working on a significant change to the Windows architecture to help prevent another large-scale incident like the one involving CrowdStrike a year ago.

Microsoft is developing a new security model built around a safer kernel architecture. To strengthen the security of its operating system, the company is partnering with antivirus makers and other security vendors to move their code out of the Windows kernel space, so that a bug in one vendor's agent can no longer take down the whole machine. This collaborative effort is part of a broader push to modernize the platform's core, making it more resilient against low-level threats and software failures.
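As an added example (not part of the article, and not Microsoft's or any vendor's code), the following PowerShell inventory lists the kernel-mode drivers currently running on a Windows host and flags the ones that are not in-box Windows components, which is exactly the class of code this redesign aims to move out of the kernel. It assumes a Windows 10 or 11 host with Windows PowerShell 5.1 or later, run from an elevated prompt; the classification of "in-box" versus "third-party" by signer subject is a heuristic assumption, not an authoritative rule.

```powershell
# Added example: inventory running kernel-mode drivers and flag those that are not
# signed as in-box Windows components. Assumes Windows PowerShell 5.1+ on Windows 10/11;
# run elevated so every driver image on disk is readable.

function Get-KernelDriverInventory {
    [CmdletBinding()]
    param()

    $running = Get-CimInstance -ClassName Win32_SystemDriver |
        Where-Object { $_.State -eq 'Running' -and $_.PathName }

    foreach ($drv in $running) {
        # Win32_SystemDriver reports image paths in several NT forms; normalise to a Win32 path.
        $path = $drv.PathName
        $path = $path -replace '^\\\?\?\\', ''                               # \??\C:\...
        $path = $path -replace '^\\SystemRoot\\', ($env:SystemRoot + '\')    # \SystemRoot\...
        if (-not [System.IO.Path]::IsPathRooted($path)) {                    # System32\drivers\...
            $path = Join-Path $env:SystemRoot $path
        }
        if (-not (Test-Path -LiteralPath $path)) { continue }

        # Get-AuthenticodeSignature covers embedded signatures and catalog-signed in-box drivers.
        $sig    = Get-AuthenticodeSignature -FilePath $path
        $signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '<unsigned>' }

        # Heuristic (assumption): Microsoft's own components carry the subject 'CN=Microsoft Windows,...'.
        # WHQL-signed third-party drivers carry 'Microsoft Windows Hardware Compatibility Publisher'
        # instead, and vendor-signed drivers carry the vendor's own subject, so both land in 'third-party'.
        $origin = if ($signer -match '^CN=Microsoft Windows,') { 'in-box' } else { 'third-party' }

        [pscustomobject]@{
            Name      = $drv.Name
            StartMode = $drv.StartMode
            Origin    = $origin
            SigStatus = $sig.Status
            Signer    = $signer
            Path      = $path
        }
    }
}

# Show only the drivers the article is about: third-party code running in ring 0.
Get-KernelDriverInventory |
    Where-Object { $_.Origin -eq 'third-party' } |
    Sort-Object Name |
    Format-Table Name, StartMode, SigStatus, Signer -AutoSize
```

A non-Microsoft signer is not by itself a finding: endpoint-security agents, storage and GPU drivers, VPN clients and anti-cheat engines all legitimately appear in this list today. The value of the inventory is as a baseline. Each entry is a piece of code whose crash is indistinguishable from a kernel crash, and it is the list you would expect to shrink once vendors' agents move to the user-mode platform the article describes.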

In July 2024, a faulty update released by the Austin-based cybersecurity company CrowdStrike caused millions of Windows machines to crash worldwide, leading to widespread disruptions across multiple industries. The defect was in a content update consumed by the Falcon sensor's kernel-mode driver, which is why a single vendor's bug could take down the whole operating system rather than one process. After identifying the source of the issue, Microsoft announced that more permanent, long-term solutions would be implemented to make Windows a more resilient – and, ideally, crash-free – computing platform.

According to Microsoft VP David Weston, the company is now working closely with CrowdStrike, Bitdefender, ESET, Trend Micro, and other major security vendors to develop these long-term solutions. "Dozens" of partners have submitted technical papers, some of which are hundreds of pages long, to detail their requirements for the new platform.

"It's an industry of competitors, but everyone has stepped up and said, 'We've got to build a platform that all of us can work on,'" Weston said in a recent interview.

This time, Microsoft isn't interested in imposing a fixed set of rules or APIs for antivirus and security software in Windows. Instead, it is treating close cooperation with vendors as essential to easing the transition from the old, kernel-based paradigm to the new model. Without that collaboration, getting the antivirus industry to adopt the new approach would be a significant challenge.

Weston confirmed that some of the most knowledgeable Windows engineers are working on the changes to the operating system. Key developers of the Windows kernel and people who usually don't work in security are involved in the effort, alongside contributors from third-party companies.

Microsoft plans to provide a number of private Windows builds to its partners, allowing them to evaluate the new code and request changes as needed. While the company acknowledges that the new model may not resolve all kernel-related reliability issues, it remains optimistic about the direction it's taking. Microsoft developers have also engaged with game studios to discuss kernel-level drivers for anti-cheating engines and expect to share further updates on the topic in the near future.

I'm not sure modern programmers could realistically write kernel code for a popular OS like Windows any more. If they tried, there's a high risk they'd inadvertently break things. The original veterans who truly understood the deep intricacies have long since retired and even they might struggle to recall everything now. The kernel has become something of a relic, a complex system that's difficult to evolve. Trying to completely redesign it and rewrite it feels like a dead end – they could spend decades and a fortune, potentially ending up with nothing functional. It reminds me a bit of that perpetually delayed game, Star Citizen.

A potentially more promising approach might be to train an AI to rewrite the functionality – the intent – of the most problematic C++ code sections in the kernel (like driver interfaces, network stack components and memory management subsystems) into Rust. This wouldn't be a complete overhaul, just targeted improvements. Of course, training an AI with the necessary context is a significant challenge, but they have access to vast codebases on GitHub and as a software company, they certainly have the expertise. This path could potentially yield results much faster, maybe even within a year or two.
 
A potentially more promising approach might be to train an AI to rewrite the functionality

Have you tried using AI to optimize code? I have, for SQL, and it absolutely sucks. Using AI to optimize code is two-fold.
1. AI needs to have complete knowledge of all the syntax and its functions... (which, if all the kernel devs are dead or senile, well then..)
2. AI needs the output / datasets that are being fed through the code to understand the 'why' and 'how' the code is being used. Another touchy subject, since that involves sharing data that a lot are reluctant to hand over for a multitude of reasons.

 
The kernel needs to be re-optimized; however, the effort will likely be something more devious here. Some optimization, but mostly devious; not many even understand the kernel design and supporting architecture. I can't say I do fully, conceptually perhaps. Once the kernel is redesigned it could open up opportunities for application layer developers significantly.
 