Carding Forum
Professional
- Messages
- 2,788
- Reaction score
- 1,177
- Points
- 113
How European laws opened CrowdStrike's doors to the heart of the system.
Microsoft found itself in the spotlight after an incident with the CrowdStrike software. The CrowdStrike update caused major disruptions to the Windows operating system and a wave of blue screens of death for users around the world.
CrowdStrike and similar security tools are integrated deep into the OS kernel. This way, they can carefully monitor all processes and effectively detect malware. However, the advanced access level also has a downside: if a program crashes, it can disrupt the functioning of the entire system.
The case raised an important question: why are third-party developers, such as CrowdStrike, allowed to work at such a deep level of the operating system, where any mistake can lead to disastrous consequences?
In an attempt to explain the situation, a Microsoft representative referred to a 2009 agreement with the European Commission. According to this document, Microsoft has committed to provide equal access to the Windows API for both its own security products and third-party developers. This decision was made within the framework of antimonopoly regulation and was supposed to create equal conditions in the cybersecurity software market.
The agreement, in particular, states: "Microsoft is committed to ensuring that the APIs used by Microsoft security products on the Windows client OS and Windows server OS are documented and available for use by third-party security products on an ongoing and timely basis."
However, experts note that this agreement did not oblige Microsoft to provide access directly to the operating system kernel. The company could create an API outside the core that would meet the requirements of the agreement, but at the same time not expose the system to such serious risks.
Interestingly, Apple's macOS operating system has a more secure core architecture. Indeed, it's curious why Microsoft didn't follow a similar approach.
While Microsoft is not directly responsible for the crash caused by the CrowdStrike update, the incident also raises questions about the security and stability of the Windows architecture. The company has not yet made any official comments on its position.
It is worth noting that Windows is not the only operating system that allows third-party software to work at such a deep level. However, due to the widespread adoption of Windows, any problems of this kind become public and cause a strong reaction.
Source
Microsoft found itself in the spotlight after an incident with the CrowdStrike software. The CrowdStrike update caused major disruptions to the Windows operating system and a wave of blue screens of death for users around the world.
CrowdStrike and similar security tools are integrated deep into the OS kernel. This way, they can carefully monitor all processes and effectively detect malware. However, the advanced access level also has a downside: if a program crashes, it can disrupt the functioning of the entire system.
The case raised an important question: why are third-party developers, such as CrowdStrike, allowed to work at such a deep level of the operating system, where any mistake can lead to disastrous consequences?
In an attempt to explain the situation, a Microsoft representative referred to a 2009 agreement with the European Commission. According to this document, Microsoft has committed to provide equal access to the Windows API for both its own security products and third-party developers. This decision was made within the framework of antimonopoly regulation and was supposed to create equal conditions in the cybersecurity software market.
The agreement, in particular, states: "Microsoft is committed to ensuring that the APIs used by Microsoft security products on the Windows client OS and Windows server OS are documented and available for use by third-party security products on an ongoing and timely basis."
However, experts note that this agreement did not oblige Microsoft to provide access directly to the operating system kernel. The company could create an API outside the core that would meet the requirements of the agreement, but at the same time not expose the system to such serious risks.
Interestingly, Apple's macOS operating system has a more secure core architecture. Indeed, it's curious why Microsoft didn't follow a similar approach.
While Microsoft is not directly responsible for the crash caused by the CrowdStrike update, the incident also raises questions about the security and stability of the Windows architecture. The company has not yet made any official comments on its position.
It is worth noting that Windows is not the only operating system that allows third-party software to work at such a deep level. However, due to the widespread adoption of Windows, any problems of this kind become public and cause a strong reaction.
Source
