Microsoft blames 2009 EU agreement for massive IT outage after security update

July 22, 2024

On Friday, the largest IT outage to date disrupted approximately 8.5 million computers, primarily due to a faulty security update from cybersecurity firm CrowdStrike. Microsoft has attributed the issue to a 2009 European Commission agreement that it says prevented the company from implementing security changes that could have blocked the problematic update.

Faulty update sparks global disruption

The issue began with an update for CrowdStrike’s Falcon system, designed to protect against cyberattacks. 

This system, which has privileged access to a critical part of a computer known as the kernel, failed during the update, leading to widespread disruptions across multiple sectors globally.

The consequences were immediate and significant. Thousands of flights were delayed or cancelled, causing chaos for travellers worldwide. 

The UK’s NHS service experienced disruptions, and contactless payment systems failed, leaving consumers unable to complete transactions. 

Microsoft confirmed that up to 8.5 million Windows devices were affected, representing less than 1% of all machines running Windows software. 

Despite the relatively small percentage, the impact was substantial due to the widespread use of CrowdStrike by businesses.

CrowdStrike has since issued an apology and reported that a significant number of affected computers have been brought back online.

Historical context of the EU agreement

Microsoft pointed to a 2009 agreement with the European Commission as the underlying reason it could not prevent the faulty update from causing such widespread issues. 

The agreement stemmed from the Commission’s efforts to level the playing field in the software market, accusing Microsoft of using its dominant position with Windows software to unfairly disadvantage competitors. 

As a result, Microsoft agreed to allow multiple security providers to install software at the kernel level, rather than exclusively using its in-house Windows Defender.

This agreement contrasts sharply with how Apple handled similar issues. 

In 2020, Apple blocked access to the kernel on its Mac computers, arguing that this would improve security and reliability. 

This decision underscored a significant difference in how the two tech giants addressed security and competition issues.

Current regulatory landscape

The European Commission continues to scrutinize major tech companies under its regulatory framework. 

Under the new Digital Markets Act, Europe is pushing Apple to allow access to its iPhone to enable the use of alternative app stores and web browsers, aiming to reduce Apple’s control over its ecosystem and increase competition.

Meanwhile, Microsoft is still grappling with the repercussions of the 2009 agreement. 

A spokesperson for Microsoft reiterated to the Wall Street Journal that the company could not implement similar kernel-level changes as Apple due to the constraints of the EU agreement.

What’s next?

As we move into the second half of 2024, this incident highlights the ongoing challenges that major tech companies face in balancing security and regulatory compliance. 

The largest IT outage ever recorded serves as a stark reminder of the interconnectedness of global digital infrastructure and the critical importance of robust security measures.

Moving forward, stakeholders will closely monitor how Microsoft and other tech giants navigate these complex regulatory environments. 

The need for effective, adaptable security solutions has never been more apparent, and companies must continually innovate to protect against emerging threats while complying with regulatory mandates.

The post Microsoft blames 2009 EU agreement for massive IT outage after security update appeared first on Invezz