Microsoft has attributed the recent massive IT outage, which caused significant global disruptions, to European Union regulations.
Last Friday, a defective update from CrowdStrike’s Falcon system, which is designed to prevent cyberattacks and has privileged access to the kernel, caused approximately 8.5 million computers to fail worldwide. This incident resulted in thousands of flight delays and cancellations, disruptions in the UK’s NHS service, and failures in contactless payment systems.
Microsoft stated that a 2009 agreement with the European Commission, aimed at avoiding a European competition investigation, required them to allow multiple security providers to install software at the kernel level. This prevented Microsoft from making security changes that could have blocked the problematic CrowdStrike update. A Microsoft spokesperson told the Wall Street Journal, “We could not make a similar change because of the EU agreement.”
In contrast, Apple, a major competitor of Microsoft, blocked access to the kernel on its Mac computers in 2020, arguing that this measure would enhance security and reliability. The European Commission had accused Microsoft in the early 2000s of using its popular Windows software to gain an unfair advantage over other companies, leading to the 2009 agreement.
Despite the CrowdStrike update affecting less than 1% of all Windows-operated machines, the widespread use of CrowdStrike in businesses caused significant impacts. Many computer screens displayed a blue error screen, rendering them unusable until fixed. CrowdStrike has apologized for the disruption, stating that “a significant number” of affected computers are back online.
The outage caused significant chaos in various sectors. Data from OAG showed that 9,650 flights were canceled between Friday and Sunday, with Delta Airlines being the most affected. The NHS confirmed that its systems were back online but warned of potential delays as services continued to recover.
Meanwhile, the European Union is currently pushing Apple to open its iPhone to alternative app stores and web browsers under the new Digital Markets Act. Apple has argued that such changes could compromise the security of its devices.