Microsoft's new initiative aims to prevent future CrowdStrike-like incidents
What's the story
In the wake of CrowdStrike's outage, which affected 8.5 million Windows PCs and servers in July, Microsoft is working on a new strategy - Windows Resiliency Initiative. The move is aimed at making Windows more secure and reliable. It involves some basic changes that would make recovery easier for customers running Windows-based machines, in case something like the CrowdStrike incident happens again.
Quick recovery
New feature for remote machine recovery
As part of the Windows Resiliency Initiative, Microsoft has unveiled a new feature dubbed Quick Machine Recovery. The tool enables IT admins to remotely target fixes at machines failing to boot properly. The feature is based on improvements made to the Windows Recovery Environment (Windows RE), David Weston, the Vice President of Enterprise and OS Security at Microsoft, explained.
Enhanced security
Microsoft mandates security vendors to adopt specific measures
In the wake of the CrowdStrike incident, Microsoft is now requiring security vendors participating in Microsoft Virus Initiative (MVI) to take certain steps to make security and reliability better. These include enhanced testing and response processes, as well as the safe deployment of updates on both Windows PCs and servers.
Framework development
New framework to move anti-virus processing outside kernel
The company is also working with its MVI partners to allow anti-virus processing outside the kernel. This follows the incident where CrowdStrike software, which runs at the kernel level of Windows, let a bad update trigger a Blue Screen of Death on impacted machines. A preview of this new framework would be privately offered to Windows security partners in July 2025.