Microsoft continues its Rust mission with new kernel features

Microsoft Windows 11 logo in front of a background of sprawling neon blue code on a black background
(Image credit: Getty Images)

Microsoft announced that it has taken an additional step forward to embracing Rust as a core language by introducing new Rust-based kernel features to the latest Windows Insider build.

On Wednesday it shipped Windows 11 Insider Preview Build 25905 containing what it called a “small trial” of another critical kernel feature written in Rust.

The update specifically concerns a new implementation of GDI Regions in the win32kbase_rs.sys driver file located in System32. The _rs refers to the Rust language version.

GDI Regions refer to shapes, or a combination of shapes, that can be created for tasks like hit testing - checking to see if a cursor is hovering over a specific icon, for example.

“While this is a small trial, we will continue to increase the usage of Rust in the kernel,” Microsoft said in a blog.

“We are beginning to roll this out, so the experience isn’t available to all Insiders in the Canary Channel just yet as we plan to monitor feedback and see how it lands before pushing it out to everyone.”

Microsoft’s commitment to Rust

It’s long been known that Microsoft has aimed for a stronger adoption of the Rust programming language.


Whitepaper cover with blue header banner, title, and text

(Image credit: IBM)

Propel your digital transformation to the next generation.


The company’s CTO issued a call to the industry last year, encouraging it to embrace Rust over traditional languages like C and C++, following in its own footsteps as well as other major tech firms like Cloudflare and Linux, the latter of which is also implementing Rust in its own Kernel.

Microsoft’s interest in Rust dates back years and made a case for its adoption as early as 2019. 

It highlighted in a 2019 BlueHat presentation that most security vulnerabilities are caused by developers accidentally implementing memory safety issues in software components written in C or C++.

Rust and memory safety

One of the headline benefits of Rust is its inherent memory safety. For this reason, it’s considered a more secure programming language that can do the same things that the older C/C++ can do, at the same speed and efficiency - the main reasons for sticking with the older languages for so many decades - with better security.

Rust is memory-safe thanks to its compiler which refuses to build any program it's used to write unless memory safety can be guaranteed.

It makes for fewer security vulnerabilities and more reliable programs that are less likely to crash.

For this reason, it’s also being adopted by an increasing number of major ransomware operations, with a number of groups rewriting their payloads using the language.

BlackCat, Hive, and LockBit are among the most notable ransomware groups that have shifted to Rust in recent months. Ransomware binaries also benefit from Rust’s anti-analysis properties, largely attributed to the complex way in which its compiler translates developer code into machine-readable code.

Major tech companies, in addition to the aforementioned Microsoft, Cloudflare, and Linux also have their own Rust projects running in some capacity.

Meta, Amazon, Mozilla, Dropbox, and Figma are among the most notable in this far-from-exhaustive list.

Rust has also been the ‘most loved’ language by developers in the past seven annual StackOverflow surveys, underlining its popularity. 

As more tech companies increasingly embrace the language, it’s likely to become more of an in-demand skill for developers in the years ahead.

Connor Jones

Connor Jones has been at the forefront of global cyber security news coverage for the past few years, breaking developments on major stories such as LockBit’s ransomware attack on Royal Mail International, and many others. He has also made sporadic appearances on the ITPro Podcast discussing topics from home desk setups all the way to hacking systems using prosthetic limbs. He has a master’s degree in Magazine Journalism from the University of Sheffield, and has previously written for the likes of Red Bull Esports and UNILAD tech during his career that started in 2015.