A CrowdStrike executive told a US Congressional hearing on Tuesday that the company’s endpoint detection and response sensor has to continue accessing the Windows kernel, despite criticism by some ...
Attackers abused a signed but long-revoked EnCase Windows kernel driver in a BYOVD attack to terminate all security tools.
It’s been nearly a year since a faulty CrowdStrike update took down 8.5 million Windows-based machines around the world, and Microsoft wants to ensure such a problem never happens again. After holding ...
Kernel-level access was discussed at the Windows Endpoint Security Ecosystem Summit, a meeting between Microsoft, government officials and cybersecurity companies on Sept. 10. It’s been nearly two ...
Following the massive Windows outage in July caused by a defective CrowdStrike update, Microsoft is working on a way to allow security products to ‘run in user mode just as apps do,’ Microsoft’s David ...
John Cable writes for Microsoft’s IT blog: This incident shows clearly that Windows must prioritize change and innovation in the area of end-to-end resilience. These improvements must go hand in hand ...
Cybersecurity giant CrowdStrike apologizes for “letting customers down” after a faulty update of its Falcon sensor disabled millions of PCs on 19 July. Adam Meyers, VP for counter-adversary operations ...
In brief: In the hours following Friday's global Windows BSOD, many wondered why CrowdStrike software was allowed full Windows kernel access. Microsoft now claims that a 15-year-old agreement with ...