Microsoft Blames European Commission for Major Worldwide Outage: A Critical Analysis
 |
| Microsoft Blames European Commission for Major Worldwide Outage |
On Friday, July 19, 2024, a major worldwide outage affected 8.5 million Windows machines, causing widespread disruptions to critical infrastructure, including airlines, retailers, banks, hospitals, and rail networks. The outage was caused by a faulty software update from security company CrowdStrike, which was auto-installed on laptops and PCs running Windows versions 7.11 and above. While Linux and Mac users were not impacted, Microsoft has blamed the European Commission for its inability to offer the same level of protection to Windows users as Apple can.
The European Commission's Interoperability Requirements
In 2009, Microsoft reached an understanding with the European Commission to provide third-party security apps with the same level of access to Windows that Microsoft gets. This agreement was reached after the European Commission pursued Microsoft in the early 2000s over concerns that the company's popular Windows software gave it an unfair advantage in other areas, such as web browsers. As part of this agreement, Microsoft agreed to provide kernel-level access to third-party developers, which has been cited as a contributing factor to the recent outage.
Apple's Walled Garden Approach
In contrast, Apple's macOS operating system does not grant kernel-level access to third-party developers. With the rollout of macOS Catalina in 2019, Apple deleted kernel extensions and transitioned to system extensions that run in user space instead of at a kernel level. This change, although painful for Apple's partners, has meant that Mac users are protected from the kind of faulty software update that caused the recent outage.
According to Patrick Wardle, the chief executive of Mac security maker DoubleYou, "What it meant was that a lot of third-party developers, ourselves included, had to rewrite our security software." Wardle also noted that Apple's approach has meant that Mac users are protected from the kind of blue screen of death that affected Windows machines during the outage.
The Consequences of the Outage
The consequences of the outage have been far-reaching, with thousands of flights cancelled, broadcasters and banking services disrupted, and critical infrastructure affected. The outage has also sparked a debate about the trade-off between security and interoperability, with some arguing that the European Commission's requirements may have compromised Windows' security.
Microsoft's Blame Game
Microsoft has blamed the European Commission for its inability to offer the same level of protection to Windows users as Apple can. However, some have criticized Microsoft for commercializing security software as paid enterprise products, rather than providing robust security features in the operating system. Others have suggested that Microsoft should focus on making its operating system secure rather than blaming the European Commission.
The Future of Security
The incident has highlighted the need for Microsoft to improve the security of its operating system. With the increasing threat of cyberattacks, it is essential that operating systems are designed with security in mind. Apple's walled garden approach may have saved Mac users from the recent outage, but it is not a foolproof solution. The incident has sparked a debate about the trade-off between security and interoperability, and it is essential that operating system manufacturers find a balance between the two.
Conclusion
The recent outage has highlighted the importance of security in operating systems. Microsoft's blame game may have shifted the focus away from its own responsibilities, but it is essential that the company takes steps to improve the security of its operating system. The incident has also sparked a debate about the trade-off between security and interoperability, and it is essential that operating system manufacturers find a balance between the two. As the threat of cyberattacks continues to grow, it is essential that operating systems are designed with security in mind.