In the aftermath of the recovery from the incident caused by CrowdStrike’s erroneous update, companies and technology experts are wondering how such a massive failure could occur. Microsoft has pointed to the European Union (EU) as one of the key factors behind this issue.
Kernel Level Access: A Controversial Decision
The root of the problem lies in the privileges that CrowdStrike and other security applications had in the Windows operating system. In 2009, Microsoft agreed to grant third-party security software developers access to the kernel level, the core of the operating system. This access, which allows for deep control of the system, has come under scrutiny following the recent incident.
This policy starkly contrasts with Apple’s approach. In 2020, Apple revoked kernel level access for other manufacturers, requiring them to rewrite their software for macOS. This measure ensures greater system protection, ensuring that in case of failures, the operating system is not compromised entirely.
Pressures from the European Commission
The reasoning behind Microsoft’s decision to grant these privileges dates back to pressures from the European Commission. The Commission was concerned about the potential monopoly of Microsoft Defender in the cybersecurity market, leading Microsoft to allow other manufacturers to have the same level of access to the operating system.
Differences Between Microsoft and Apple
It is crucial to recognize that the circumstances of Microsoft and Apple are different, especially in the corporate realm. While almost all computers worldwide run on Windows, with a vast ecosystem of third-party software and a diversity of hardware, macOS holds a much smaller market share, allowing Apple to be more stringent with its kernel access rules.
According to the latest StatCounter data, Windows controls more than 70% of the global operating system market share, while macOS holds around 14%. This difference makes it easier for Apple to impose restrictions that would be impractical for Microsoft, given the need for compatibility with a wide range of software and hardware.
Future of Kernel Access
Currently, there is no official statement from Microsoft on whether it will review the agreement reached with the EU regarding this access. However, it is understandable that security manufacturers may need a certain level of kernel access to effectively protect the Windows operating system against potential threats.
In conclusion, as companies continue to recover from the CrowdStrike incident, it is evident that decisions regarding kernel access management and regulatory pressures have a significant impact on the security of operating systems. The response to these issues will determine how future risks and vulnerabilities in the Windows ecosystem will be handled.