Cloud Security Alliance News Clipping Site

Slashdot: Microsoft Rolls Out Recovery Tools After CrowdStrike Incident

Nov 19, 2024

—

Source URL: https://it.slashdot.org/story/24/11/19/180210/microsoft-rolls-out-recovery-tools-after-crowdstrike-incident?utm_source=rss1.0mainlinkanon&utm_medium=feed
Source: Slashdot
Title: Microsoft Rolls Out Recovery Tools After CrowdStrike Incident

Feedly Summary:

AI Summary and Description: Yes

Summary: Microsoft is implementing significant changes to its Windows security architecture to enhance system resilience and response capabilities. Key features include a remote recovery initiative for unbootable systems and stricter guidelines for third-party security testing, aimed at mitigating risks similar to the recent CrowdStrike incident.

Detailed Description: The updates announced by Microsoft signify a proactive approach to enhancing Windows security postures, particularly in light of vulnerabilities demonstrated by past incidents. Here are the major points of interest:

– **Windows Resiliency Initiative**:
– Introduction of the **Quick Machine Recovery** feature, which permits IT admins to remotely address and fix unbootable devices.
– Development of an **enhanced Windows Recovery Environment** to facilitate these recovery efforts.

– **Regulatory Measures for Security Vendors**:
– The establishment of the **Microsoft Virus Initiative**, which introduces more stringent testing and deployment protocols for security products.
– Emphasis on gradual rollouts and rigorous monitoring to ensure vendor solutions do not introduce new vulnerabilities.

– **Antivirus Framework Development**:
– Microsoft is working on a framework that will allow antivirus processing to occur outside the Windows kernel, significantly minimizing the risk of system-wide compromises.
– A preview for this new framework is scheduled for launch with security partners in **July 2025**.

These changes are particularly relevant for professionals in the domains of cloud and infrastructure security, as they underline the importance of resilience and proactive threat management in modern operating systems. Additionally, adherence to stricter vendor regulations could lead to improved trust and security in third-party security tools.

2 4 Act AI anti antivirus Antivirus Framework Arch architecture art as by C capabilities Cloud CrowdStrike CrowdStrike incident D demo deployment development DoT e end environment features framework Gen Go guidelines http HTTPS in incident infrastructure infrastructure security inter ite k kernel l Link low mac management Microsoft Mila mitigating risks monitoring no non o of on operating system operating systems ory post proactive products professionals protocol QUIC RCE recovery Regulation regulations regulatory regulatory measures resilience resiliency response response capabilities Risk risks Rust s sec security security architecture security posture security postures security products security testing security tools security vendors side Sig Sim source system systems T Testing third third-party third-party security tools threat management to tools Tor trust up update updates vendor vendors vulnerabilities Wind Windows Windows kernel Windows security x