In July 2024, one of the most notorious technological failures in recent times occurred: a buggy update to the CrowdStrike Falcon software caused chaos, and millions of Windows PCs began displaying the dreaded blue screens and restarting over and over again.
The problem spread everywhere: businesses, banks, airports... no one was spared. And of course, after something like that, Microsoft wants to avoid something similar happening again at all costs. That's why it's taking an important step: it's building a new security platform to better protect computers, and part of that change involves removing antivirus and other detection systems from the Windows kernel. This reduces the risk of an external failure directly affecting the heart of the operating system.
In 2024, a CrowdStrike error left half the world with blue screens
Microsoft joins forces with cybersecurity leaders to create its new platform
Microsoft does not want to go it alone in strengthening Windows security. That is why it is working closely with several cybersecurity providers to shape a new platform that better protects the operating system.
All this comes in the wake of the disaster caused by the CrowdStrike Falcon failure, which brought half the world to a standstill: from businesses to financial markets and airports. A few months later, Microsoft announced that it was going to make major changes, including removing antivirus software from the Windows kernel, to prevent something like this from happening again.
To do this, it has collaborated with big names in the industry such as CrowdStrike, Bitdefender, Trend Micro, and ESET, among others. And these companies were not simply notified: they have been truly involved in the process.
In fact, David Weston, vice president of enterprise security at Microsoft, said in an interview with The Verge that many of these partners shared documents with ideas, suggestions, and even proposals on how they would like this new platform to work, what tools they would need, and how everything should be integrated.
The most interesting thing is that, according to Weston, even though these companies compete with each other, they didn't hesitate to collaborate. They all agreed that it's worth working together to build something that benefits everyone equally.
This failure caused blue screens that affected multiple sectors
More secure Windows: Microsoft limits access to the kernel for antivirus and anti-cheat software
For years, Microsoft has designed Windows so that security developers can integrate deeply into the system, even reaching the deepest level: the kernel. This has its advantages, of course, but also its risks... as was clearly demonstrated by the CrowdStrike failure.
That incident made it clear that a single faulty driver in the kernel is enough to knock out millions of computers. And seeing the chaos it caused, Microsoft decided to get to work: its engineers are already working on a solution to rethink how security tools work in Windows.
The idea is clear: minimize the tools that operate at the kernel level, starting with antivirus and endpoint response solutions. It's a profound change, so it won't happen overnight. For a while, there will still be drivers operating at that level, but the intention is to phase them out gradually.
When Microsoft releases a first version of this new platform, security vendors will be able to give their feedback and suggest improvements. The hope is to build a solution that works well for everyone, without the problems of the past.
But this doesn't just affect the world of cybersecurity. Video games are also in the spotlight. Many anti-piracy and anti-cheating systems run within the kernel, which can affect game performance or even cause errors.
Microsoft is already talking to studios and developers to find ways to reduce this dependence on the kernel, although the road ahead will not be easy. Many game creators would rather not use that level of the system, but the prevalence of cheat software forces them to do so. Still, it is positive to see that Microsoft is trying to find a balance that protects everyone without compromising the stability of the system.
Of course, all this will take time. There are no magic solutions, but Microsoft is committed to change. What's more, after what happened with CrowdStrike, it is also developing tools to help quickly recover a computer after critical errors, such as when it fails to boot properly.
In short, what happened served as a wake-up call. Microsoft has taken note and is working to make Windows more secure, stable, and future-proof for both users and developers.