The recent outage affecting computers running a specific update of Crowdstrike’s software has been nothing short of dramatic. With over 8.5 million systems disrupted almost instantly, the incident has caused widespread chaos across global services—from airports to television networks. Many businesses, particularly in France, have felt the sting of this unexpected event. Crowdstrike has acknowledged responsibility and has been working frantically to deploy a fix.
Microsoft Deflects Blame
As the situation unfolded, Microsoft was initially pegged as the main culprit, even though the actual responsibility lay with Crowdstrike. This misattribution led to a storm of criticism aimed at Microsoft. Now, the tech giant is pushing back, shifting some of the blame onto the European Union.
In a recent Wall Street Journal article, a Microsoft spokesperson (who chose to remain unnamed) explained the company’s position. According to the spokesperson, an agreement made back in 2009 between Microsoft and the European Commission is partly to blame. This agreement prohibited Microsoft from further locking down its operating system to enhance security, which could have prevented such incidents.
The 2009 deal required Microsoft to provide security software vendors with the same level of access as its own software, allowing third-party security tools to have deeper system integration. While this promotes a broader range of security options, it also increases the risk of potential system disruptions, as evidenced by the Crowdstrike issue.
A Broader Context
The agreement between Microsoft and the EU stipulates the sharing of Windows APIs with third-party developers, which can lead to significant impacts in cases of system failures. Notably, companies like Google and Apple have not faced similar obligations. However, there is speculation that they might eventually face similar demands, potentially leading to comparable issues in the future.
Microsoft’s response highlights a complex issue at the intersection of security, regulation, and technology. While the company grapples with the fallout of the Crowdstrike outage, the incident underscores the delicate balance between security measures and regulatory requirements in the tech industry.
My name is Noah and I’m a dedicated member of the “Jason Deegan” team. With my passion for technology, I strive to bring you the latest and most exciting news in the world of high-tech.