Microsoft will bring together its security industry partners in September to discuss how to avoid another Crowdstrike fiasco in the future.

Microsoft will host a Windows Endpoint Security Summit on September 10 at its headquarters in Redmond, CNBC reports. Its key security partners for Windows will receive an invitation. Crowdstrike, the company that inspired this special conference, will also be in attendance.

For those who haven’t been following the news on July 19 and the weeks that followed, a failed Crowdstrike update brought down more than 8.5 million Windows PCs. This led to unprecedented IT chaos on a global scale. Air traffic was hit particularly hard, with more than a thousand flights being cancelled in one day. The damage caused by the crash threatens to run into billions of dollars.

From the kernel

Microsoft now wants to discuss with its partners how to avoid a fiasco of this magnitude in the future. The company believes that the cause of the crash lies in the remote access to the Windows kernel that Crowdstrike and other security vendors receive. Microsoft wants to set up a new system where this is no longer necessary without compromising the security of Windows.

The proposed alternative is so-called VBS enclaves. They provide an isolated environment for software like CrowdStrike, allowing it to run with the same security guarantees as a kernel-mode application. In other words, malware cannot attack the software in a VBS enclave any more than kernel-level code can.

Other topics of discussion during the conference include the implementation of eBPF technology to control programs more thoroughly without causing system crashes. Crowdstrike has already indicated in its own post-incident analysis that a bug in the automated control system was the cause of the crash. In addition, Microsoft also wants to encourage the use of safer programming languages ​​such as Rust to replace the commonly used C or C++.