Every technical problem on supported Windows is a Microsoft problem
The company is partly responsible for the global CrowdStrike chaos and it’s high time it recognized that fact
KOSTAS FARKONAS
Published: July 19, 2024
One would have to be stranded on a deserted island – or any other place without Web access for that matter – in order to not have read or heard by now about the outage of Windows machines all around the world caused by a faulty CrowdStrike security service update. Even if such a problem had just affected consumer PCs it would have been bad enough at that scale, but CrowdStrike provides system-level protection from Internet threats to thousands of businesses and organizations globally, including telecoms, airlines, public services, banks, hospitals and media among others.
It was a wild ride for a bit, as people were trying to understand how such an issue could affect so many machines, so fast, in such a bad way, globally. It took a while to become apparent that this update – which prevented Windows PCs depending on CrowdStrike’s service from even booting properly – found its way to hundreds of thousands of computers across different industries all at once because of the company’s Falcon cloud technology, which works perfectly for this kind of software-as-a-service, centrally controlled Internet threat protection.
Until, of course, it doesn’t.
Microsoft quick to put the blame on CrowdStrike
It was only natural that, after the initial shock, there was much finger pointing on the Web… and it was Microsoft who did not waste time in putting the blame on someone else: the company was quick to name CrowdStrike as the one responsible for the outage, even before security experts had the chance to weigh in on the matter. Corporations of Microsoft’s size are pretty much expected to go into damage control mode as soon as something like that happens, yes – but, even so, the company was unusually swift and specific in its press statements, especially given the fact that even its own services, like Windows 365 Cloud PC and Microsoft 365 Office Suite, were affected too.
There is a reason why that happened so fast: Microsoft is partly to blame and it would rather have people not dig deep enough to find that out. CrowdStrike’s Falcon cloud security platform works with Microsoft’s Azure, Amazon Web Services and Google Cloud, bolstering the defenses and real-time threat detection already provided by those cloud platforms. It also works across Windows-, Linux- and macOS-based computers. It was this particular update for Windows only, though, that brought so many businesses and public services to their knees for so many hours today, as CrowdStrike has clarified that no Mac or Linux systems were affected. It was clearly this specific update that was not properly and adequately tested before deployment, something that CrowdStrike and Microsoft share the blame for.
Simply put, Microsoft is still very much a part of this chain of services and software regardless of how businesses decide to use CrowdStrike’s security platform. If Falcon works by installing software on Windows PCs, then it should be Microsoft’s job to ensure that no cybersecurity software with sufficient access to such important system files as kernel drivers can lead those PCs to crashes and boot loops. If the company does not already have such testing and certification processes in place, then it obviously should. If the Falcon platform works through Azure, then it definitely falls on Microsoft to ensure that customers of its own cloud solution do not have their PCs remotely updated by a third party only to restart into Blue Screens of Death and boot loops.
Support for Windows 10/11 still Microsoft’s responsibility
Businesses or organizations that subscribe to CrowdStrike’s Internet security services do so of their own accord and at their own risk. That much is true. But Microsoft is still responsible for the security of every Windows 10/11 PC it officially supports, so it is also at least partially responsible for what happened today: it would be rather absurd to claim that all those hundreds of thousands, if not millions, of PCs affected today were all based on Windows XP, Vista, 7 or 8. Some, or even many, of those PCs really are based on legacy operating systems not supported by Microsoft anymore, yes. But for the rest of them Microsoft cannot possibly pretend that it can just wash its hands clean and be done with it.
At the end of the day, the CrowdStrike chaos was not caused by some experimental device driver downloaded by careless consumers from GitHub just for kicks. It was caused by a commercial cloud security service, through a single software update, deployed by a company that Microsoft itself works with, wreaking havoc on comms, transportation, finance and healthcare to name but a few of the sectors affected on a global scale. Context matters. Safeguards should have been put in place precisely for this kind of situation and yet it seems that this never occurred to anyone working in this chain of software-as-a-service (ironically one of crucial importance to security). Here’s hoping that, come Monday, everyone involved in that will start working towards this not happening again. It can’t be that hard, can it?