- Just a month after 8.5 million Microsoft Windows users were hit by a severe outage, the company has decided to host a security summit.
- The Windows Endpoint Security Ecosystem summit will be held on September 10th in Redmond.
- It will address the lessons Microsoft has learned from this outage and talk about steps they can take to prevent a repeat in the future.
Microsoft will host a security summit next month in Washington in response to the botched CrowdStrike update that resulted in a massive Windows outage for 8.5 million devices.
The summit, which has been titled Windows Endpoint Security Ecosystem, will be held on September 10th in Redmond.
Participants include Crowdstrike, government officials, and various key partners who are associated with delivering security solutions. Following will be the topics of discussion at the summit:
- The best ways to strengthen Window’s security
- Safe deployment practices
- Best ways to design a network for better cyber resiliency
- Best practices to avoid another crisis like this
- How (in general) the industry can work together as a whole
Microsoft believes that the discussions of the summit will have both short-term and long-term consequences that will help build a more secure and reliable technical ecosystem for all.
Although this summit is not open to the public, the company has decided to make some of the key details public.
Microsoft’s Response to the Outage
This is the first big step that the company is taking to address what went down on July 19 when millions of people around the world were unable to access their devices. Prior to this, the company mostly focused on sharing updates and handling customer grievances.
This is not to say that it’s not serious about the issue. In fact, just after the incident it called for changes to Windows and contemplated moving security vendors out of the Windows kernel.
A kernel is the core part of an operating system that has unrestricted access to the device’s memory and hardware.
This isn’t the first time the company has tried to close off access to Microsoft Kernel. Back in 2006, a similar initiative was undertaken but it was met with a lot of resistance from cybersecurity vendors and regulators.
Once again, cybersecurity vendors are expected to protest. A deeper access to Microsoft’s systems helps them build innovative security solutions. So it makes sense why they would like to keep their Kernel access. But on the other hand, Microsoft doesn’t want third parties to bring down its entire operating system once again.
What makes the relationship between security vendors and Microsoft even more complicated is that it builds the Windows platform for them and then competes for paid security customers.
However, this time around, the discussion will happen in the presence of government representatives which will ensure a much higher level of transparency and probably better outcome.
About the Outage
The outage was caused by CrowdStrike, a cybersecurity company, that tried to update its software but unfortunately, its update file had a bug that crashed Microsoft’s entire system.
As a result, millions of customers were faced with the “blue screen of death” and were unable to log into their devices. The impact was widespread, ranging across the UK, the US, India, Australia, Japan, the Netherlands and many more.
The aviation industry took the worst hit. Countless flights were either cancelled or delayed which led to unimaginable crowds at airports. Supermarkets also had trouble processing online payments and pharmacies and hospitals had trouble pulling up patient data.
Cybercriminals also took advantage of this situation and sent out phishing emails. In short, it was a huge mess.