Last week, a major IT outage caused chaos around the world. Millions of Windows devices were left unusable due to a faulty update from security software company CrowdStrike.
While the immediate cause seems clear, Microsoft has placed some of the blame on the European Commission, igniting a debate about competition, security, and the role of regulation.
A faulty update
The finger of blame initially pointed towards CrowdStrike, whose Falcon antivirus software update triggered the issue.
The update caused affected systems to reboot in a continuous loop, preventing users from accessing their devices. This impacted businesses of all sizes, airlines, hospitals, and even railway networks, causing significant disruption.
Microsoft’s stance: EU’s role
Microsoft, however, offered a surprising explanation for why the update caused such widespread problems. In a statement to the Wall Street Journal, they pointed to an agreement with the European Commission in 2009.
Back then, Microsoft faced antitrust concerns in Europe and agreed to provide third-party security vendors with the same level of access to the Windows kernel – the operating system’s core – that Microsoft has itself.
According to Microsoft, this unrestricted access made it difficult to implement safeguards that could have prevented the CrowdStrike update from wreaking havoc. They argue that the update’s impact could have been mitigated with more control over kernel access.
The debate heats up
Microsoft’s statement has sparked a heated debate. Some agree that the EU regulations might have played a role in this incident. They argue that a more controlled access system could offer better protection against faulty updates or even malware.
On the other hand, others criticize Microsoft’s stance. They believe this is an attempt to deflect blame and downplay their responsibility for ensuring the proper functioning of their software.
Additionally, some argue that restricted access could hinder innovation and limit the effectiveness of third-party security solutions.
Looking ahead
The coming weeks and months will likely see further discussions and investigations into this incident. Whether the EU regulations require adjustments or Microsoft shoulders more responsibility for the faulty update remains to be seen.
However, one thing is certain: lessons need to be learned to ensure such a large-scale outage doesn’t happen again.
Read more: