The biggest clash in IT history witnessed on July 18-19, took the world by storm, causing delays in flights, healthcare and international businesses.
8,5 million Windows devices and servers were affected worldwide. Previously blamed on CrowdStrike, Microsoft now revealed that the meltdown was caused by the EU´s regulations.
Fault of the EU
A Microsoft spokesman revealed to the Wall Street Journal that the crash occurred due to a 2009 agreement with the European Commission. The agreement did not allow Microsoft to make security changes, which, if permitted, would have blocked the CrowdStrike update and prevented global chaos.
The spokesman explained that under the agreement with the EU, CrowdStrike´s Falcon system; designed to prevent cyber attacks, had special access to a key part of a computer, the “kernel.” In 2009, Microsoft permitted several security providers to install software at the kernel level amid a European competition initiative.
The kernel is the heart of the operating system in charge of processes, memory, files and devices of computers. Normally, most of the software on a PC is limited to user mode, which is the ultimate “safety” mode. When installed with kernel mode, there is a risk of highly damaging failures, such as the world recently witnessed.
Can it happen again?
Following the crash, Microsoft stated that while software updates can cause disturbances, crashes such as the recent one are “infrequent.” In any case, experts stated that such a vast amount of businesses and individuals being reliant on one system has the potential to result in global havoc.
The reason why Microsoft in particular suffered this failure is that, unlike Apple, it allowed exterior access to the system´s kernel. Apple blocked the access on its Mac computers in 2020; making it impossible for such a meltdown to occur.
“It´s still possible,” consumer technology expert and former Microsoft executive Marbue Brown said to the Press, explaining that Microsoft is unable to stop the crash from reoccurring, as it can´t cut off kernel access.
