The recent global disturbance caused by a flawed CrowdStrike antivirus update impacting Windows systems led to widespread problems internationally. According to the report, Microsoft asserts that its inability to implement equivalent security measures on Windows stems from a particular agreement with the EU. In contrast to Windows, Apple's macOS confines third-party software to user mode, thereby averting potentially 'risky' updates on Macs.

In 2019, Apple ended the practice of granting developers access to the kernel in macOS Catalina. Apple switched to system extensions that function within user space instead of operating at the kernel level. As a result, Apple improved Mac security, shielding them from potential risks caused by unstable software updates. The CrowdStrike update did not have any effect on Mac users.

In kernel mode, software gains unrestricted access to the system, enabling extensive integration, but also heightening the potential for critical failures. In 2009, the company opted to grant kernel-level access to third-party security software in response to antitrust issues. While this encourages competition, it also brings about security vulnerabilities, as demonstrated by the CrowdStrike incident.

Source - Click Link