Microsoft Is Making Major Changes to Windows Security
Microsoft brings big changes to the way third -party antivirus works under the hood as part of a “Windows resilience” initiative. This could have an impact on how the anti-tricke in your favorite game works on the configuration of the safety of business cloud servers.
Return antivirus access to the Windows kernel
In the current state of things today, third -party antivirus applications perform a “nucleus level”, which means that they have full and total access to the most basic functions of the operating system. In practical terms, it has a huge advantage: antivirus can do everything it needs to protect your system.
On the other hand, it also opens a whole series of problems.
Related
What is the Linux nucleus, and why is it important?
What is there at the center of all this?
Access to the kernel level means that a defect with the security software can completely deactivate a PC in certain circumstances, which Microsoft notes in its press release: “This change will help safety developers provide a high level of reliability and easier recovery, which will lead to less impact on Windows devices in the event of unexpected problems.“”
The “unexpected problems” with security software was a big problem in 2024, when a defective crowdstrike update disabled a huge number of Windows devices, costing hundreds of millions or billions of dollars.
Microsoft changes will require a third -party antivirus to perform in what is called “user mode”, which is the same level as most current applications – as your browser – on your PC uses. Until now, there is not a ton of details published on how these changes will have an impact on the effectiveness of third -party security applications, but an overview of the new system will be sent to certain partners in July.
Good riddance
If you have played competitive games, you have met a modern anti-cheat: Battleye (BE), Easy Anti-Cheat (EAC), EA Javelin Antheat, Vanguard, etc. Like the antivirus running on your PC, these services are also at the nucleus, which theoretically gives them unhindered access to your PC and everything. Unless you remove or deactivate them completely, which then requires restart to turn them on – there is really no easy way to reduce their access.
Anticheat at the kernel level has raised confidentiality and security problems in recent years, because criticism has quickly stressed that it was an extraordinary level of access to something as minor as a game. These concerns have been amplified by the fact that anti-trickered systems are owners.
Related
The latest anti -chariting technology is controversial. Here is why
When is it going too far?
Supporters have argued that the anti-triche at the nucleus is necessary to prevent pirates and cheaters from cheating in the games. However, this argument does not seem to hold a lot of water, because most competitive games (especially first -person shooters) are flooded with exploits and cheaters anyway.
Anti-cheat at the kernel level was also a recurring problem on Linux operating systems, which has created intermittent problems for players on Linux.
Related
7 problems that you will probably meet with games on Linux
The game on Linux is easier than ever, but there are still guys to watch.
With Microsoft tightening access to the Windows kernel, existing anti-triche systems must be modified to take into account the modifications. Hopefully, all anti-key developers are approaching will be more friendly towards Linux-based operating systems, given their growing popularity.
