The recent global outage caused by a faulty CrowdStrike antivirus update for Windows machines sparked widespread problems across the world. Flights were delayed/cancelled, banks, other sectors were affected. Now, according to a report by The Wall Street Journal, Microsoft is laying the blame on the European Commission (EU).
What caused the outage?
Microsoft explained to the European Commission that the culprit behind the disruption was a kernel mode update for CrowdStrike Falcon on Windows systems. Kernel mode grants software full system access, allowing for deep system integration but also posing a higher risk for critical failures. Unlike Windows, however, Apple’s macOS restricts third-party software to user mode, preventing such ‘dangerous’ updates on Macs.
As per the report, Microsoft claims its inability to implement similar security measures on Windows stems from an agreement with the EU. Back in 2009, the company agreed to grant third-party security software kernel-level access to not be hassled with antitrust concerns. While this promotes competition, it also opens the door for security vulnerabilities as witnessed in the CrowdStrike incident.