They won’t, at least not for a very long time, because they deeply resist breaking changes, even when they are a net benefit.
I think they are working towards getting everything out of the kernel though, ever since that Crowdstrike outage.
Microsoft just needs to start kicking shit out of the Kernel. Allowing any of it is inherently insecure on a fundamental level.
dogs0n@sh.itjust.works 19 hours ago
pivot_root@lemmy.world 15 hours ago
Amazing. Crowdstrike did end up providing some benefit to users after all.
Mwa@thelemmy.club 12 hours ago
True
Romkslrqusz@lemmy.zip 4 hours ago
They are.
Kernel level drivers with known security vulnerabilities are blocked from loading in Windows 11.
This is functionality of the core isolation / memory integrity protection, which rely on Secure Boot and TPM to function.