Microsoft moves to prevent another CrowdStrike outage
Add Axios as your preferred source to
see more of our stories on Google.
Illustration: Annelise Capossela/Axios
Microsoft detailed new cybersecurity features that will both help bricked Windows devices recover faster and alter how companies access the root of the Windows system.
Why it matters: The changes will likely help prevent another global outage similar to the CrowdStrike incident in July.
Driving the news: Microsoft is hosting its annual Ignite event Tuesday in Chicago, where it is unveiling a suite of features and tools for its products.
- That includes changes to how tech and cyber vendors can operate their tools on Windows without having to access the kernel, the deepest level of Windows access.
Zoom in: Under the new Windows Resiliency Initiative, Microsoft is working to create a new recovery environment for Windows that will help devices come back online faster if they're knocked offline.
- Security partner companies will have to conduct additional security and compatibility testing before pushing out updates to make sure they find any bugs early.
- Microsoft is also working to develop new tools to let security product developers build products, including antivirus products, that can operate within user mode, outside the kernel.
Yes, but: Some of these product updates were in the works before the CrowdStrike outage, Pavan Davuluri, corporate vice president of Windows and devices, told Axios.
- "For sure, there are learnings for us from the incident in July," he said, but he noted that much of this work also started when the company began building Windows 11.
Catch up quick: Microsoft hosted several partners at its Redmond, Washington, headquarters in September to discuss ways to update the security of the kernel.
The big picture: Microsoft's cybersecurity practices have come under intense scrutiny in the last year.
- Last November, the company unveiled its Secure Future Initiative, which overhauls the company's internal culture and implements a range of cybersecurity protections.
Additional Microsoft security announcements include:
- Rolling out Microsoft Security Exposure Management, a tool that helps companies measure and monitor potential cyber threats, to all security customers.
- Adding new controls to Copilot to prevent leaking sensitive information to users.
- Adding new capabilities for remote, secure password deployment in Microsoft's Edge browser.
- Extending its bug bounty program with an in-person event, called Zero Day Quest, where $4 million in awards will be doled out to those who find flaws in the company's cloud and AI products.
Go deeper: Microsoft debuts $350 computer that runs Windows from the cloud
