
Microsoft is moving antivirus providers out of the Windows kernel
Tom Warren
created: June 26, 2025, 4 p.m. | updated: June 26, 2025, 6:49 p.m.
After holding a summit with security vendors last year, Microsoft is poised to release a private preview of Windows changes that will move antivirus (AV) and endpoint detection and response (EDR) apps out of the Windows kernel.
The new Windows endpoint security platform is being built in cooperation with CrowdStrike, Bitdefender, ESET, Trend Micro, and many other security vendors.
Microsoft now has some of its most knowledgeable Windows engineers working on these security changes.
“We’ve had key developers on this, some of the kernel architects of Windows and people that don’t even traditionally work in security,” Weston says.
It prompts a device to enter the Windows Recovery Environment, where the machine can access the network and provide Microsoft with diagnostic information.
The Verge