An article published in the Wall Street Journal today ends with an interesting point raised by a Microsoft spokesperson regarding the security of the Windows operating system. The spokesperson, although not quoted verbatim, reportedly told the WSJ that a 2009 agreement with the European Commission is the reason Microsoft cannot further lock down the operating system to make it more secure.
A spokesman said that after complaints, Microsoft reached an agreement with the European Commission in 2009 to give security software makers the same level of access to Windows as Microsoft, a decision that meant security software vendors had greater ability to disrupt the system. CrowdStrike crippled 8.5 million Windows PCs worldwide this week.Microsoft then Automated fix tool for affected users.
The document outlining the agreement between Microsoft and the European Commission can be found here Doc file on the Microsoft website.
This document states that Microsoft is obligated to provide APIs within the Windows client and server operating systems that are used in its security products to third-party security software manufacturers, and that Microsoft must document the APIs on the Microsoft Developer Network unless they pose a security risk.
Allowing security software vendors access to these APIs is a good thing in terms of providing a level playing field, which is what the EU was concerned about, but it’s not good for security, as we saw this week when CrowdStrike took critically important machines offline and caused chaos around the world.
Ironically, while the EU was aiming for fairness, Apple and Google, which make macOS and ChromeOS, are not currently bound by the same restrictions. According to the WSJ, Apple told developers in 2020 that its operating systems would no longer allow kernel-level access. The change meant developers had to modify their software, but it also meant fewer problems.
The European Union has stepped up measures in recent years to tackle so-called anti-competitive behaviour by big tech companies, and it is highly unlikely that it will go down a path that would allow Microsoft to further lock down Windows, despite the benefits it would bring.
sauce: The Wall Street Journal