Well, I guess CrowdStrike (or anyone else) wouldn’t be happy if they had to suddenly rewrite their entire codebase for the new way. And it might be missing features at first, etc.
Here’s a quote from some security VP from Microsoft:
at this point, we have no plans to revoke kernel access from anyone. It doesn’t mean that can’t change in the future, but we have no plans to do that. Our goal is to create an equivalent, and an option, for user mode.
Well, I guess CrowdStrike (or anyone else) wouldn’t be happy if they had to suddenly rewrite their entire codebase for the new way. And it might be missing features at first, etc.
Here’s a quote from some security VP from Microsoft:
https://www.securityweek.com/microsofts-take-on-kernel-access-and-safe-deployment-practices-following-crowdstrike-incident/