Microsoft recently attributed the CrowdStrike incident to a 15-year-old agreement with the European Commission, which prevented the company from blocking third-party developers, including CrowdStrike, from accessing the Windows kernel at the deepest level. This incident caused a global ‘blue screen of death’ (BSOD) on July 19, impacting 8.5 million Windows devices and disrupting various sectors such as aviation and healthcare.
In response, Microsoft released a USB recovery tool to help affected users fix the issue. The tool allows for creating Windows recovery media or starting the computer in Safe Mode, necessitating a USB drive with a capacity of 1 – 32 GB and at least 8 GB of free space on a 64-bit Windows computer.
Looking ahead, preventing similar incidents may prove challenging due to the 2009 agreement with the European Commission, which mandates Microsoft to grant developers the same level of operating system access as itself, including level 0 kernel access. This has raised concerns about potential vulnerabilities when third-party developers have such deep access to the Windows kernel.
In comparison, Apple’s policy of not allowing third-party developers full kernel access has helped mitigate similar problems.
Criticism of Microsoft has intensified following this incident, with concerns raised about the lack of proper control over CrowdStrike’s software updates before they were released to the public.
