
zanecodes | 7 months ago

CrowdStrike is not made or owned by Microsoft.


alephnerd|7 months ago

Giving OP the benefit of the doubt, there were issues with how the Windows kernel had little guardrails and restrictions.

That said, that was the EU's fault, as the EU in 2009 forced Microsoft to fully expose their OS internals to outside vendors during an anti-trust settlement, and with little ability to enforce vendor standards:

"Microsoft shall make available to interested undertakings Interoperability Information that enables non-Microsoft server Software Products to interoperate with Windows Server Operating System on an equal footing with other Microsoft Server Software Products.

"Microsoft shall ensure on an ongoing basis and in a Timely Manner that the APIs in the Windows Client PC Operating System and the Windows Server Operating System that are called on by Microsoft Security Software Products are documented and available for use by third-party security software products that run on the Windows Client PC Operating System and/or the Windows Server Operating System.

These APIs will be documented on the Microsoft Developer Network, unless open publication would create security risks. In such circumstances, Microsoft will provide third-party security vendors with access to such APIs pursuant to a royalty-free license and on fair, reasonable and non-discriminatory terms." [0]

This meant that by offering Microsoft Defender for Endpoint, Microsoft needs to give similar access to the underlying kernel to competing vendors like CRWD and S1.

[0] - https://news.microsoft.com/download/archived/presskits/eu-ms...

zanecodes|7 months ago

Well, I hate Microsoft as much as the next person, but I'm not sure "writing a buggy kernel module can crash the kernel" is much of an indictment of Windows in particular...

acdha|7 months ago

The EU defense is something they claim to shirk responsibility, best left to their PR team. Nothing prevented Microsoft from following Apple’s lead in having safer APIs to perform filtering. Note how it refers to “equal footing”? That means that they have to let other people do what Defender does, not that they can’t secure Windows at all.

LinXitoW|7 months ago

The obvious answer would've been to create a secure public API and have Defender use that. But like always, corporations throw a hissy fit and implement the worst possible version of the ruling. Then people hate the EU instead of the corporation for no good reason.

It's the exact same thing as with Google Maps in Google Search. The EU did NOT say "Remove Google Maps", it said "Give competitors equal opportunity". The most user-hostile choice was removing the Google Maps integration entirely (because "no access" is still "equal access"), instead of offering users the choice.

Personally, the digital policies are one of the few things the EU generally gets right, and (as unrealistic as it is) I hope all the Googles and Apples go choke on it and di...solve.

bilekas|7 months ago

> Giving OP the benefit of the doubt, there were issues with how the Windows kernel had little guardrails and restrictions.

This also wasn't Microsoft's fault. It was bad kernel code, and don't say you would like Microsoft to audit everyone else's code before it can be deployed somewhere.

zelphirkalt|7 months ago

Security by obscurity is a bad security concept. If anything, making that information available prevented things from lurking in there and doing even more damage.

redeeman|7 months ago

So it's the EU's fault that Microsoft can't make proper software? OK. Guess we are back to security by obscurity.

exabrial|7 months ago

So, yes or no: were a bunch of Microsoft products hacked?

_carbyau_|7 months ago

Definitively no. It was not a hack at all.

It was misconfigured software running inside the kernel.

The issue was this misconfiguration was "urgently pushed" from CrowdStrike and, depending on who you believe, it overrode customer testing policies.