Windows 10: Microsoft is moving antivirus programs from running at kernel level

Antivirus software will soon be moved out of the kernel mode in Windows. This change is part of Microsoft's Windows Resiliency Initiative (WRI).

Last year, millions of Windows PCs crashed with a blue screen due to a faulty update for Crowdstrike. In the aftermath of the incident, Microsoft held a security summit with the intention to prevent such issues in the future. Several security vendors, including Bitdefender, CrowdStrike, ESET, SentinelOne, Trellix, Trend Micro, and WithSecure, joined the Microsoft Virus Initiative (MVI) 3.0 program to collaborate with Microsoft and improve the security and reliability of Windows.

Microsoft says that it will release a private preview of the Windows endpoint security platform to its MVI partners. The changes will require antivirus software, and endpoint detection and response (EDR) apps, to run in user mode like most apps do. Microsoft highlights that running apps with administrator permissions opens the door to malware, which could infect a user's computer, and wreak havoc on critical system resources, causing disruptions, data loss, etc. This was what had caused the Crowdstrike BSODs last year.

Security vendors will be able to test their software, and request changes if required, to ensure that their antivirus products run fine in user mode. The Verge quotes David Weston, vice president of enterprise and OS security at Microsoft, who said that "We’re not here to tell them how the API should work, we’re here to listen and provide the security and reliability".

Instead of laying down the rules, Microsoft is collaborating with antivirus vendors to share feedback and co-engineer the system. It could take a while to get things sorted with the previews, but this is a nice approach.

Weston also hinted that these changes could also affect kernel-level anti-cheat mechanisms used in games, Easy Anti-Cheat for example. It could be a thing of the past, which is welcome news.

Thank you for being a Ghacks reader. The post Microsoft is moving antivirus programs from running at kernel level appeared first on gHacks Technology News.

read more...

 

What Antivirus program is running

Go to Security and Maintenance, look in 'Security' and see what program is listed under Virus Protection. Windows Defender will not be enabled if there is a program other than Windows Defender listed.

The behavior you are describing is typical if there is a third party program installed or there are remnants of a third party program still present in the system.

See Problems
starting Windows Defender in Windows 8/8.1/10

and be sure you run the appropriate software removal tools for any other antimalware program (Avast, AVG, McAfee, Norton, etc) that may have previously been on the computer...you'll need to reboot the computer after doing so: List
of anti-malware product removal tools

For further information see the reply of quietman7 in
this thread: Redirecting.

And if you have not done so suggest you read the following:

See How to Use the Built-in Windows Defender Antivirus on Windows 10
Good article but ignore the ads!

Regards…

 

Need an Antivirus Program

You can try Microsoft Security Essentials. If it is too slow, try Avira Antivirus. Microsoft Security Essentials covers antivirus and antispyware and it does work very well. It's caught every instance of malware trying to get on my computer since I've been using it. You never have to worry about ads or nag screens and you get definition updates as well as full program updates when they're available, unlike most other programs that only offer definition updates.

 

Microsoft signals end of Paint program

Microsoft has confirmed that it will continue to offer its graphics program Paint.

In a recent update, it had listed Paint as a feature that would be either removed or no longer developed.

Paint, renowned for its simplicity, has been part of the Windows operating system since its launch in 1985.

Microsoft suggested it would not remain on Windows 10 by default but did say it would be available for free on the Windows Store.

BBC news Report here
Microsoft Paint avoids brush with death