Connect with us

Hi, what are you looking for?

Stock

Microsoft plans September cybersecurity event to discuss changes after CrowdStrike outage

Microsoft said Friday it will hold a conference in September for cybersecurity firms to discuss ways the industry can evolve following a faulty CrowdStrike software update that caused millions of Windows computers to crash in July.

The incident sent internet-connected systems into disarray. Airlines canceled thousands of flights, logistics companies reported package delivery delays and hospitals delayed medical appointments. Delta Air Lines, which said fallout from the outage cost the company $550 million, is seeking damages from CrowdStrike and Microsoft.

Microsoft will meet with CrowdStrike and other security companies at its campus in Redmond, Washington, on Sept. 10 to discuss how to prevent similar issues in the future, a Microsoft executive told CNBC in an interview. The person requested anonymity because they didn’t have approval to discuss internal matters publicly.

The executive said participants at the Windows Endpoint Security Ecosystem Summit will explore the possibility of having applications rely more on a part of Windows called user mode instead of the more privileged kernel mode.

Software from CrowdStrike Check Point, SentinelOne and others in the endpoint-protection market currently depend on kernel mode. Such access helps SentinelOne “monitor and stop bad behavior and prevent malware from turning off security software,” a spokesperson said.

Applications in user mode are isolated, meaning that if one crashes, it won’t bring down others. But an application in kernel mode that fails can cause all of Windows to crash. On July 19, CrowdStrike released a buggy content configuration update for its Falcon sensor for Windows computers, with the intent to gather data on new attacks, prompting crashes at the operating system level. IT administrators rebooted PCs that received the update displaying a “blue screen of death” screen, one by one.

The Microsoft executive said removing kernel access in Windows would only solve a small percentage of potential problems.

Apple in recent years has limited kernel access in macOS and the company discourages developers from using kernel extensions.

Attendees at Microsoft’s Sept. 10 event will also discuss the adoption of eBPF technology, which checks if programs will run without triggering system crashes, and memory-safe programming languages such as Rust, the executive said.

Last year Microsoft donated $1 million to the nonprofit Rust Foundation, which pays stipends to people working on the language.

Microsoft competes with CrowdStrike with its Defender for Endpoint product. That team will attend like any other cybersecurity company and won’t receive preferential treatment, the executive said.

“We will share further updates on these conversations following the event,” Microsoft Corporate Vice President Aidan Marcuss wrote in a blog post.

This post appeared first on NBC NEWS

Enter Your Information Below To Receive Free Trading Ideas, Latest News And Articles.







    Fill Out & Get More Relevant News





    Stay ahead of the market and unlock exclusive trading insights & timely news. We value your privacy - your information is secure, and you can unsubscribe anytime. Gain an edge with hand-picked trading opportunities, stay informed with market-moving updates, and learn from expert tips & strategies.

    Your information is secure and your privacy is protected. By opting in you agree to receive emails from us. Remember that you can opt-out any time, we hate spam too!

    You May Also Like

    Investing

    The Senate is expected to send a temporary spending package known as a Continuing Resolution (CR) to the White House, averting a government shutdown before...

    Investing

    Sen. Tommy Tuberville’s, R-Ala., colleagues pleaded on the Senate floor early Thursday morning – from midnight until nearly 4 a.m. – to drop his objection to...

    Latest News

    A bipartisan ethics report concludes there is “substantial evidence” that George Santos violated federal criminal laws, which will almost certainly trigger another attempt to...

    Editor's Pick

    Helium Evolution Incorporated (TSXV:HEVI) (‘ HEVI ‘ or the ‘ Company ‘), a Canadian-based helium exploration company focused on developing assets in southern Saskatchewan,...

    Disclaimer: Goldenliontraders.com, its managers, its employees, and assigns (collectively “The Company”) do not make any guarantee or warranty about what is advertised above. Information provided by this website is for research purposes only and should not be considered as personalized financial advice. The Company is not affiliated with, nor does it receive compensation from, any specific security. The Company is not registered or licensed by any governing body in any jurisdiction to give investing advice or provide investment recommendation. Any investments recommended here should be taken into consideration only after consulting with your investment advisor and after reviewing the prospectus or financial statements of the company.


    Copyright © 2023 Goldenliontraders.com