Skip to content

Microsoft unveils 4 security features to prevent future outage incidents

  • by
  • 2 min read

Microsoft is taking steps to prevent CrowdStrike-like outages, such as releasing a new Quick Machine Recovery tool, overhauling Kernel Mode, implementing Administrator Protection, and considering hot patches for Windows.

The CrowdStrike incident, in which a faulty update to the company’s Falcon security software disrupted the Windows kernel and crashed affected machines, highlighted vulnerabilities in Windows’ architecture.

Although Microsoft downplayed the issue as an anomaly, the company has since acknowledged the need for substantial changes to mitigate future risks.

During its Microsoft Ignite 2024 event, Microsoft unveiled a slew of features. Among the primary tools is Quick Machine Recovery, scheduled for release in early 2025. This tool empowers IT administrators to remotely implement software fixes on devices that fail to boot, minimising downtime and ensuring critical systems can recover swiftly after a failure.

A pivotal announcement was Microsoft’s plan to allow security software to operate outside of Windows’ kernel mode by July 2025. This addresses the root cause of the CrowdStrike outage and marks a significant shift in how antivirus and security tools interact with the Windows operating system.

The new features by Microsoft aim to prevent future CrowdStrike-like global outage incidents.

David Weston, Microsoft’s Vice President of Enterprise and OS Security, highlights that isolating critical security functions from the kernel reduces the risks of cascading failures caused by software errors, reports TechCrunch.

Microsoft is also introducing Administrator Protection, a feature that grants temporary administrative privileges for specific tasks without permanently elevating a user’s permissions. By leveraging Windows Hello biometric authentication, users can securely authorise changes, while attackers face an additional layer of defence.

To tackle one of the most common pain points in enterprise IT management — system downtime during updates — Microsoft is previewing hot-patching for Windows 11 Enterprise 24H2 and Windows 365. This feature applies updates in the background without reboot, making timely updates more convenient for users.

While the new features and initiatives showcased at Ignite 2024 will not be fully rolled out for another year or more, they signal a change in Microsoft’s approach.

In the News: Earth Kasha’s new campaign targets India, Japan and Taiwan

Kumar Hemant

Kumar Hemant

Deputy Editor at Candid.Technology. Hemant writes at the intersection of tech and culture and has a keen interest in science, social issues and international relations. You can contact him here: kumarhemant@pm.me

>