While IT infrastructure around the world is recovering from a critical failure, businesses, experts and politicians are already looking for those to blame for what happened. According to The Wall Street Journal, Microsoft said that the incident may be the result of a forced agreement in 2009 between the IT giant and the European Union.
Experts are already questioning why cybersecurity solutions company CrowdStrike was given access to the Windows kernel at such a low level, where a bug could be very large and costly for a huge number of users.
While Microsoft cannot be directly blamed for the flaw in the CrowdStrike software update that wreaked havoc on all walks of life around the world, the software architecture that allows third parties to deeply integrate their software into Microsoft’s operating systems raises many questions and requires closer examination.
As the WSJ reports, Microsoft noted that the company’s 2009 agreement with the European Commission was the reason that the Windows kernel is not protected in the same way as, for example, Apple’s macOS kernel. The compatibility agreement was actually the result of increased attention from European regulators to Microsoft’s activities.
In accordance with one of its points, Microsoft is obliged to provide timely and ongoing information about the APIs used by its security software in Windows operating systems – user and server versions. The corresponding documentation should also be available to third-party antivirus software developers to create their own solutions.
On the one hand, this ensures fair competition between antivirus software developers. Instead of using APIs without access to the kernel, CrowdStrike and its ilk have chosen to work directly with the operating system kernel to maximize the capabilities of their security software. True, there is a high probability that in the event of a failure the consequences could be extremely serious – which is what happened.
Windows is not the only operating system that allows access to the kernel and the ability to disable it. However, the ubiquitous presence of Microsoft products ensures that when third-party applications fail, there will be massive consequences and greater publicity, even if the company is not directly at fault.