Microsoft blames EU regulations for major IT outage
A recent IT outage, affecting up to 8.5 million Windows devices, has been attributed to a faulty antivirus update from CrowdStrike. The outage had widespread repercussions, including thousands of delayed or canceled flights and failures in contactless payment systems.
The issue stemmed from a defective update to CrowdStrike’s Falcon system, which has privileged access to the kernel, a critical part of the computer. Microsoft noted that its in-house security solution, Windows Defender, could not be solely relied upon due to the EU’s competition regulations.
Microsoft pointed to an agreement with the European Union dating back to 2009, which restricted the tech giant from implementing security changes that could have prevented the incident. The 2009 agreement was originally established to prevent Microsoft from gaining an unfair competitive advantage over other security providers.
Microsoft’s primary competitor, Apple, had previously restricted kernel access on its Mac computers in 2020 to enhance security and reliability. However, Microsoft’s compliance with the EU’s 2009 agreement prevented it from taking similar measures. The company confirmed that the outage impacted less than 1% of all Windows devices but acknowledged significant disruptions due to CrowdStrike’s widespread use in business environments.
CrowdStrike has since reported that a significant number of affected computers are back online and has issued an apology for the disruption. The incident highlights ongoing tensions between large tech firms and regulatory bodies, as evidenced by the EU’s current efforts under the Digital Markets Act to impose similar access requirements on Apple’s iPhone ecosystem.
Source: Microsoft says EU to blame for the world’s worst IT outage