Microsoft is taking a significant step towards bolstering the security of its flagship operating system by incorporating the Rust programming language into the Windows 11 kernel. This move, first hinted at in the spring of 2023, has now come to fruition with the release of Windows 11 version 24H2.
Known for its memory safety features, Rust offers a compelling alternative to traditional C/C++, which has long been the backbone of Windows development. Memory-related vulnerabilities have been a persistent thorn in the side of cybersecurity, and Microsoft is clearly taking aim at this issue.
In the update log for Windows 11 24H2, Microsoft highlights the introduction of a new Graphics Device Interface (GDI) region developed using Rust. “Rust offers advantages in reliability and security over traditional programs written in C/C++,” the company explains.
This initial foray into Rust within the Windows kernel is represented by a new module named win32kbase_rs.sys, where the “rs” suffix clearly indicates its Rust origins. While this is currently the only kernel module rewritten in Rust, it signifies a potentially larger shift in Microsoft’s approach to Windows development.
Overall, this endeavor remains in its early experimental stages. However, the successful testing in Windows 11 24H2 paves the way for the replacement of more kernel modules with Rust implementations in future releases.
This move aligns with a broader trend in the tech industry. Google, for instance, is also actively embracing Rust for security-critical components. As Rust continues to gain traction, it seems poised to become a dominant force in the development of robust and secure software.
While the full impact of this transition remains to be seen, it’s an encouraging sign that Microsoft is prioritizing security and exploring new avenues for enhancing the resilience of its operating system.
