CrowdStrike defends access to Windows kernel at US Congressional hearing reviewing July global failure

“The enormity of this error is alarming,” said Andrew Garbarino, chairman of the subcommittee. The incident, which took 8.5 million Windows computers and servers offline, created an environment “ready to be exploited by malicious cyber attackers for phishing and other attempts,” he said.

However, Meyers defended the company’s position.

“The fight against abuse is very concerning, because if a threat actor gets access to the system, he may want to disable the security tools. And to identify what is happening, kernel visibility is required. The kernel driver is an important part of every security product I think. Whether or not they can say they do most of their work in the kernel varies from vendor to vendor. But trying to secure an application without kernel access can be very difficult.”

