Microsoft blames the EU’s regulations for recent IT outage
Microsoft has attributed the world’s largest IT outage on Friday to the European Union, citing a flawed security update.
According to Microsoft, a 2009 agreement mandated by the European Commission prevented them from implementing security changes that could have blocked the problematic update from cybersecurity firm CrowdStrike, leading to the failure of an estimated 8.5 million computers.
The outage affected up to 8.5 million Windows devices, causing widespread disruption around the world: thousands of flights were delayed or cancelled, stranding passengers at airports globally; the UK’s NHS service experienced issues; and contactless payments were non-functional.
Microsoft noted that this represented less than 1% of all machines using the software, but the impact was huge due to CrowdStrike’s widespread use in the business sector. CrowdStrike acknowledged the situation, stating that “a significant number” of the affected computers are now back online and offered an apology for the incident.
The issue stemmed from a defective update to CrowdStrike’s Falcon system, designed to prevent cyberattacks by having privileged access to the computer’s kernel. A Microsoft spokesperson explained to the Wall Street Journal that due to the EU agreement, they were unable to implement a similar change.
Currently, Europe is attempting to enforce new regulations under its Digital Markets Act. The regulations compel Apple, as well as other tech giants, to allow alternative app stores and web browsers on its devices.
While Microsoft offers Windows Defender, its in-house alternative to CrowdStrike, the 2009 agreement aimed to avoid a European competition investigation by allowing multiple security providers to install software at the kernel level.
The European Commission had accused Microsoft since the early 2000s of leveraging its dominant Windows software to gain an unfair advantage over competitors. In contrast, Apple’s main rival, Microsoft, in 2020 blocked kernel access on its Mac computers to make its service more reliable and secure for customers.
