The EU has been blamed by Microsoft for enabling a faulty security update which resulted in the world’s largest IT outage.
The tech giant said that a 2009 agreement insisted on by the European Commission meant that they could not make security changes that would have blocked the CrowdStrike update, which caused 8.5 million computers to fail.
The 2009 agreement allowed numerous security providers to install software at the core of a computer’s operating system, known as the kernel, in an attempt to level the playfield in the software market.
CrowdStrike is used by thousands of the biggest brands and enterprise companies around the world. The issue began when an error in the code of their Falcon system, which is designed to prevent cyber attacks, resulted in an error message across millions of Windows 10 PCs, taking out critical systems and IT infrastructure.
The faulty update triggered widespread travel, healthcare, and retail chaos last week. The NHS experienced disruptions, and contactless payment systems failed, leaving consumers unable to complete transactions.
Meanwhile, thousands of flights were delayed or cancelled, whilst train services also experienced severe disruption due to the outage, which affected approximately less than one per cent of all machines running Windows software. Despite the seemingly small figure, the impact was still widely felt as the anti-virus firm is used across many businesses.
Microsoft’s rival Apple blocked access to the kernel in 2020, a move they said would improve security and accuracy and this decision underscored a large difference in how the two competitors approached their businesses.
A Microsoft spokesman told the Wall Street Journal that it could not restrict access due to the EU agreement.
LATEST DEVELOPMENTS:
A sensor update from CrowdStrike appears left millions of Windows 10 PCs unable to boot correctly, with many stuck on the Blue Screen of Death (BSOD) error screen
UNSPLASH | JOHNYVINO
The firm has since said it will be taking “mitigation actions” against the IT issues.
It said online: “Our services are still seeing continuous improvements while we continue to take mitigation actions.
“We remain committed in treating this event with the highest priority and urgency while we continue to address the lingering impact for the remaining Microsoft 365 apps that are in a degraded state.”
CrowdStrike said yesterday that “a significant number” of the affected computers, which resulted in a blue error screen on many devices, were now back online.
Queues at Gatwick Airport due to the IT crash
PA
A Microsoft spokesman told the Wall Street Journal that it could not restrict access due to the EU agreement
Getty
“We understand the profound impact this has had on everyone. We know our customers, partners and their IT teams are working tirelessly and we’re profoundly grateful,” CrowdStrike said.
“We apologise for the disruption this has created.”
According to CrowdStrike’s website, it has 29,000 customers around the world, including some of the biggest companies in the US.
