Microsoft plans to roll out key platform upgrades in July in an effort to build greater operational resilience into the Windows platform, following the 2024 global IT outage linked to a faulty software update from CrowdStrike.
The changes — including quick machine recovery and other features letting Microsoft 365 users continue accessing the cloud in a protected environment — are part of a Windows overhaul that Microsoft announced in November to build a more secure environment that would prevent software updates from causing widespread operational disruptions for enterprise customers. In September, the company met with major security firms to discuss how such an overhaul would work.
“We recognize our shared responsibility to enhance resiliency by openly sharing information about how our products function, handle updates and manage disruptions,” David Weston, corporate vice president of enterprise and OS security at Microsoft, said in a blog post released Thursday.
Microsoft’s partners welcomed the changes and said they would create a more secure environment for customers.
Alex Ionescu, chief technology innovation officer at CrowdStrike, said after the company spoke at the September Windows Endpoint Security Ecosystem Summit in 2024, it has seen significant customer interest in the effort to drive greater platform resiliency.
“Through this collaboration, we’ve driven substantial improvements to the planned capabilities for WESP, paving the way for a more integrated high-performing security solution,” Ionescu told Cybersecurity Dive in an emailed statement.
“With the introduction of MVI 3.0, we’ve successfully met all the new standards and recognize how these rigorous requirements strengthen the overall ecosystem.
“The Microsoft Windows endpoint security program encourages a collaborative, transparent environment that will strengthen cyber resilience for all customers,” Jim Treinen, senior vice president of engineering at Trellix, told Cybersecurity Dive via email.
The July 2024 outage caused approximately 8.5 million Windows systems to malfunction, resulting in major disruptions across a wide variety of critical infrastructure providers. Emergency services providers, major hospitals, airlines and banks all reported significant problems.
After an internal investigation, CrowdStrike said the problem resulted from a botched software update on its Falcon platform.
The disruptions caused billions of dollars in losses for companies that faced lost productivity and other challenges.
(Updates with comment from CrowdStrike)
