How Microsoft Is Turning Windows and Azure Safer with Rust

Microsoft has been steadily moving core parts of its software stack to the memory‑safe language Rust, aiming to eliminate many classes of bugs and improve overall system security.

Windows kernel parts rewritten in Rust

At RustConf 2025, Azure CTO Mark Russinovich announced that sections of the Windows kernel, such as win32kbase_rs.sys , have been rewritten in Rust to prevent privilege‑escalation vulnerabilities that traditionally arise from C/C++ code.

“If it were written in C++, the bug could lead to privilege escalation; with Rust it just crashes, which is a safe failure.”

Microsoft also rewrote the DirectWrite font renderer, producing 154,000 lines of Rust code that is faster and more reliable than the legacy implementation.

Rust permeates Azure

Azure projects now require Rust for any component handling untrusted input. Initiatives include:

Caliptra hardware root of trust – entire firmware stack written in Rust.

Azure Boost – servers and network offload systems rewritten in Rust.

Hyper‑V – core virtualization components and the open‑source OpenVMM hypervisor are now Rust‑based.

Hyperlight – a Rust library that safely executes small function calls in isolated containers.

The Azure Rust SDK has also been released for developers.

Office & data systems also get a Rust makeover

Office’s DiskANN semantic search system was rewritten in Rust, delivering better performance and lower memory usage. The Azure Data Explorer migrated its storage layer and query engine to Rust, now handling hundreds of petabytes with 350,000 lines of Rust code versus millions of lines in C#.

Integrating Rust with existing codebases

Microsoft published an MSBuild Cargo plugin that lets teams embed Rust modules into C++/C# projects, handling linking and ABI compatibility. The plugin is open‑source for broader adoption.

Pragmatic Rust Guidelines for AI assistance

Microsoft released an internal “Pragmatic Rust Guidelines” handbook in two versions: a human‑focused guide covering error handling, FFI best practices, and async runtimes, and an AI‑optimized version formatted for Copilot‑style prompts.

Rewriting the crown jewel: SymCrypt

The core cryptographic library SymCrypt , which secures Windows, Azure, and Office, is being rewritten in Rust and formally verified using Rust’s verification tools. New post‑quantum algorithms like ML‑KEM are also implemented from scratch in Rust.

Rustizing third‑party drivers

Microsoft introduced the windows‑drivers‑rs framework, exposing Cargo to the Windows Driver Kit (WDK) via components such as wdk‑build , wdk‑sys , wdk , and cargo‑wdk , enabling safe Rust drivers on Windows 11.

Developer experience

Internal surveys show developers initially intimidated by Rust’s borrow checker eventually appreciate its performance gains and bug‑elimination benefits, despite challenges mixing C++/C# and debugging async code.

AI‑driven C++‑to‑Rust translation

Microsoft is building an AI tool based on GraphRAG that can automatically translate large C++ codebases to Rust while preserving structure and functionality, demonstrated by converting a 200‑line Python game into compilable Rust.

Conclusion

From kernel rewrites to Azure services, Office data pipelines, cryptographic libraries, driver frameworks, and AI‑assisted migration tools, Microsoft’s extensive investment in Rust signals a strategic shift toward memory‑safe, secure software across its entire ecosystem.