- Microsoft launches the Windows Resiliency Initiative.
- The goal is to prevent incidents like the CrowdStrike debacle.
Microsoft recently unveiled its Windows Resiliency Initiative, aiming to step up security, boost reliability, and keep system integrity solid. Essentially, it’s about avoiding mishaps like the CrowdStrike incident earlier this year, while giving users and apps more flexibility without needing admin privileges. Plus, it’s rolling out tighter controls for managing risky apps and drivers, and adding new ways to safeguard personal data through encryption.
At its core, this initiative introduces significant updates to Windows to make life easier for customers. Think faster recovery for Windows-based devices if something like the CrowdStrike scenario happens again. There are also platform improvements that give IT teams more say in what apps and drivers can run, along with moving antivirus processing outside of the kernel space—a smart move for system security.
One of the headline features is Quick Machine Recovery. It’s a new tool designed to let IT admins fix machines remotely, even when hardware is having trouble booting up. The feature builds on enhancements to the Windows Recovery Environment (Windows RE).
“In a future event, hopefully that never happens, we could push out [an update] from Windows Update to this Recovery Environment that says delete this file for everyone,” explained David Weston, Microsoft’s vice president of enterprise and OS security, during an interview with The Verge. It gives Microsoft the ability to quickly address widespread issues by deploying targeted fixes directly to machines, even when traditional methods don’t work.
Since the CrowdStrike hiccup, Weston’s been in constant talks with customers. Clients’ message? “We need better recovery tools, smarter deployment practices from vendors, and a stronger, more resilient Windows.” Weston put it succinctly: “Every one of them is saying I owe my board a response on how this doesn’t happen again.”
Microsoft has responded by tightening the reins on security vendors in its Microsoft Virus Initiative (MVI). Now, vendors need to follow stricter protocols, including better testing, safer update rollouts, and robust monitoring and recovery processes.
A big part of the plan involves shifting antivirus processing outside of the kernel, as CrowdStrike software operated at the kernel level, and therefore had deep system access—enough to trigger those infamous Blue Screens of Death. Moving AV outside the kernel should help prevent similar issues.
“We’re developing a framework that [security vendors] want to use and they’re incentivised to use,” Weston said, hinting at Microsoft’s ongoing work to create a solution that balances technical challenges with vendor needs. A preview of the new framework is set to roll out to security partners in July 2025.
The stakes are high, but Microsoft is confident. “We sort of control physics here,” Weston said. “We can change the memory manager or the driver framework, and we don’t have to abide by the rules that a third-party developer would. That’s why I’m bullish on our ability to execute here.”
Microsoft isn’t stopping there. Coming soon to Windows 11 is Administrator Protection, a handy feature for users who want the security of a standard account but need admin rights for specific tasks. It works by temporarily granting admin privileges for a task once a user authenticates with Windows Hello. When the task is done, the privileges are automatically revoked. “Windows creates a temporary isolated admin token to get the job done,” Weston explained. “This temporary token is immediately destroyed once the task is complete, ensuring that admin privileges do not persist.”
And let’s not forget Microsoft’s ongoing commitment to memory-safe programming languages like Rust. Following guidance from the White House, Microsoft is gradually replacing parts of Windows written in C++ with Rust, further improving the OS’s security foundation.
In short, Microsoft is doubling down on security, resilience, and smarter tools for its customers. With initiatives like these, they’re tackling the challenges head-on and building a safer, more reliable Windows for everyone.
Looking to revamp your digital transformation strategy? Learn more about Digital Transformation Week taking place in Amsterdam, California, and London. The comprehensive event is co-located with IoT Tech Expo, AI & Big Data Expo, Cyber Security & Cloud Expo, and other leading events.
Explore other upcoming enterprise technology events and webinars powered by TechForge here.
