On Friday, the world experienced the largest computer outage in history, shutting down airports and even medical facilities. This once again showed both the importance of Microsoft software in the workplace and the vulnerability of Windows, which allowed a little-known development company to disable millions of computers. Some cybersecurity experts also believe that Microsoft did not take the vulnerability of its software seriously enough, according to The Wall Street Journal.
In a blog post on Saturday, Microsoft said that 8.5 million Windows computers were affected, which is less than 1% of the total number of computers in the world. However, this was enough to disrupt businesses in various industries.
The ripple effect continued on Saturday, when U.S. airlines canceled nearly 2,000 flights, down from 3,400 on Friday. Delta, which accounted for more than half of the canceled flights, scrambled to ensure crew availability and instructed pilots at hub airports to take off as soon as the planes were fully staffed and safe, regardless of the scheduled departure time.
The outage was caused by a flawed update from CrowdStrike, a cybersecurity firm that, like many others, promises to improve Windows security. The CEO of CrowdStrike took responsibility for the incident on Friday and assured that he was working to restore customer service. Nevertheless, many employees came to work and saw the "blue screen of death" on their PCs, while Macs and Chromebooks continued to work. Searches for "Microsoft outage" outnumbered searches for "CrowdStrike outage" on Google from Friday morning to Saturday morning.
The incident highlighted a fundamental trade-off in Windows' open design, which allows developers to create software that interacts deeply with the operating system. However, this can also lead to significant problems if something goes wrong.
Unlike Apple, which maintains a closed ecosystem, Microsoft is bound by a 2009 agreement with the European Commission (EC) to give security software developers the same level of access to Windows as Microsoft itself. This agreement prevents the company from restricting its operating system as Apple does.
Microsoft has faced ongoing security issues as its software is often targeted by hackers. The company's top executives have even been called before Congress to explain vulnerabilities in Windows. It is ironic that in January, CrowdStrike CEO George Kurtz publicly criticized Microsoft's security practices, accusing the company of systemic failures that endangered both customers and the US government.
A March report by the U.S. Department of Homeland Security's Cybersecurity Review Board emphasized the need to review Microsoft's security culture. The report emphasized Microsoft's central role in the technology ecosystem and its security shortcomings.
Microsoft has explained that the CrowdStrike-related outage was not related to previous security issues that federal officials have been looking into. However, critics argue that Microsoft's shift to cloud computing has led to a neglect of traditional products such as Windows, which has increased reliance on third-party security software.
The CrowdStrike bug was particularly serious because its software, Falcon, runs at the Windows kernel level. When the Falcon update proved to be defective, it crashed the operating system kernel, causing millions of computers to display the "blue screen of death".
In contrast, in 2020, Apple restricted developer access to the kernel level of the system to prevent similar catastrophic failures on its devices. Although this change required developers to modify the software, it increased the stability of the system. Most likely, Microsoft will have to look for a solution to this problem and work with the EU to modify the agreement, otherwise it will only be a matter of time before a large-scale failure like the CrowdStrike happens again.