Microsoft blames being unable to make security changes prior to world’s biggest IT outage on EU rules
MICROSOFT has blamed the world’s biggest IT outage on EU rules.
The software giant said it was unable to make security changes that would have blocked the CrowdStrike update due to a 2009 agreement with the European Commission.
It meant multiple security providers could install software at the core of a computer’s operating system, known as the kernel, amid a European competition probe.
Apple, by contrast, blocked access to the kernel on its Mac computers in 2020, which it said would improve security and reliability.
A Microsoft spokesman said it was unable to make a similar change because of the EU agreement.
CrowdStrike’s Falcon system, designed to prevent cyber attacks, has privileged access to the kernel which meant a faulty update last week resulted in millions of Windows computers and servers failing to load.
CrowdStrike said they had identified the issue behind the global outage as a flawed anti-viral update.
The firm are reportedly used by Microsoft to handle various updates to their systems.
Microsoft has since announced it is taking “mitigation actions” against the issues.
They said via X: “Our services are still seeing continuous improvements while we continue to take mitigation actions.
“We remain committed in treating this event with the highest priority and urgency while we continue to address the lingering impact for the remaining Microsoft 365 apps that are in a degraded state.”
Microsoft said on Saturday it affected 8.5million Windows devices.