Microsoft is making changes to Windows to get antivirus apps out of the kernel. A private preview is being released to security vendors in July. Microsoft wants to avoid another CrowdStrike incident.

Microsoft says it's working on Windows to allow endpoint security solutions to operate effectively outside of the operating system's kernel, all with a view to preventing any future CrowdStrike ...

To strengthen the security of its operating system, the company is partnering with antivirus makers and other security vendors to keep potentially harmful code out of the Windows kernel space.

Microsoft emphasized that the meeting was not focused on decision-making, though attendees appeared to reach a provisional agreement to explore ways to improve Windows 11 security outside the kernel.

This will enable them to build their IT security solutions to run outside the Windows kernel. Software such as antivirus and endpoint protection will then be in user mode, just like normal apps.

In a statement responding to CRN’s interview with SentinelOne CEO Tomer Weingarten, CrowdStrike says that its July 19 update did not bypass Microsoft’s ‘clear kernel review process.’ ...

Those flaws were discovered in CPU architectures from the likes of AMD, Arm, and Intel, in which hardware that employed ...