Microsoft Announces September Cybersecurity Event to Address Changes Following CrowdStrike Outage

  • An event for industry peers will be hosted by Microsoft at its Redmond, Washington campus on Sept. 10.
  • The event comes two months after a buggy update from CrowdStrike caused millions of Windows computers to crash.
  • Attendees of the gathering will discuss the possibility of utilizing a more secure section of Windows instead of the privileged kernel mode used by CrowdStrike's software.

Microsoft announced that it will host a conference in September for cybersecurity firms to discuss ways the industry can evolve after a faulty software update caused millions of Windows computers to crash in July.

CrowdStrike and Microsoft are being sued by a company that claims to have lost $550 million due to an incident that caused internet-connected systems to malfunction. This incident resulted in airlines canceling thousands of flights, logistics companies reporting package delivery delays, and hospitals delaying medical appointments.

Microsoft will hold a meeting with CrowdStrike and other security companies at its Redmond, Washington campus on Sept. 10 to discuss ways to prevent future issues, a Microsoft executive told CNBC in an interview. The source requested anonymity as they did not have approval to discuss internal matters publicly.

At the Windows Endpoint Security Ecosystem Summit, the executive discussed the possibility of applications relying more on user mode instead of kernel mode for enhanced security.

CrowdStrike and other endpoint-protection software currently use kernel mode to monitor and stop bad behavior, preventing malware from disabling security software, a spokesperson stated.

Windows applications in kernel mode can cause the entire operating system to crash if they fail, while isolated user-mode applications only affect their own processes. On July 19, CrowdStrike released a faulty content configuration update for its Falcon sensor on Windows computers; the update was intended to collect data on new attacks. Instead, it caused operating system crashes that left PCs displaying a "blue screen of death," prompting IT administrators to reboot them one by one.

A Microsoft executive stated that taking away kernel access in Windows would only address a minor portion of possible issues.

In recent years, kernel access in macOS has been restricted, and Apple has advised developers against using kernel extensions.

The executive stated that attendees at Microsoft's Sept. 10 event will discuss the adoption of eBPF technology and memory-safe programming languages such as Rust, which ensure programs run without causing system crashes and improve safety.

In 2020, Microsoft contributed $1 million to the Rust Foundation, a nonprofit organization that provides financial support to individuals working on the language.

Microsoft competes with CrowdStrike in the cybersecurity market, and its Defender for Endpoint product is in competition with CrowdStrike's offerings. However, the team representing Microsoft will attend the event like any other cybersecurity company and will not receive preferential treatment, the executive stated.

Microsoft Corporate Vice President Aidan Marcuss wrote in a blog post that the company will provide additional information about these discussions after the event.

CrowdStrike is being criticized by Delta for the outage that occurred, with Delta stating that it cost them $380 million in revenue.

by Jordan Novet
