Computer Weekly

Why is CrowdStrike allowed to run in the Windows kernel?

A 2009 EU anti-competition ruling has been used as a line of defence by Microsoft as questions are being asked over why a third-party product was able to take down Windows. On Friday 19 July, 8.5 ...

Microsoft tells crusty old kernel drivers to get with the Windows Hardware Compatibility Program

That said, administrators can still allow custom kernel drivers via the Application Control for Business policy to override the default kernel policy. Microsoft foresees this being used for ...
CSOonline

Microsoft shifts focus to kernel-level security after CrowdStrike incident

The CrowdStrike incident that affected more than 8.5 million Windows PCs worldwide and forced users to face the “Blue Screen of Death,” made Microsoft sit down and revisit the resilience of its ...
Dark Reading

Hackers Exploit Policy Loophole in Windows Kernel Drivers

Hackers are using open source tools to exploit a Windows policy loophole for kernel mode drivers to load malicious and unverified drivers with expired certificates, researchers have found. The ...
CSOonline

Microsoft hints at revoking access to the Windows kernel — eventually

A new Microsoft announcement suggests it has found a way to deliver kernel-level visibility and capabilities to apps running in user mode. Experts conclude a ban on kernel access for cybersecurity ...