Bleeping Computer

New Windows Driver Signature bypass allows kernel rootkit installs

Attackers can downgrade Windows kernel components to bypass security features such as Driver Signature Enforcement and deploy rootkits on fully patched systems. This is possible by taking control of ...
CRN

Microsoft Exec: Windows Will Enable Security Tools To Run ‘Outside Of Kernel Mode’

Following the massive Windows outage in July caused by a defective CrowdStrike update, Microsoft is working on a way to allow security products to ‘run in user mode just as apps do,’ Microsoft’s David ...
ZDNet

Microsoft rolls out Windows security changes to prevent another CrowdStrike meltdown

Last summer's CrowdStrike meltdown was a nightmare for network administrators worldwide, disrupting healthcare systems, cutting off access to banking systems, and grounding aircraft. All in all, the ...
The Verge

Microsoft is building new Windows security features to prevent another CrowdStrike incident

There’s no talk of locking down the Windows kernel just yet, but Microsoft clearly wants to move endpoint security systems out of there. There’s no talk of locking down the Windows kernel just yet, ...
TechSpot

The Windows kernel is about to receive a security-focused redesign after CrowdStrike crash

Why it matters: The kernel space is the core component of a computer operating system, where critical hardware management and device driver code reside in memory. If a kernel-level driver malfunctions ...
CRN

Analysis: Microsoft Won’t Evict Security Vendors From The Windows Kernel Anytime Soon

While Microsoft is taking steps to provide an alternative way for endpoint security vendors to operate in Windows following the massive July outage, there are no signs this new option will become ...