The recent Crowdstrike outage sent ripples through the cybersecurity community, highlighting the fragility of even the most robust systems.

As a major player in the cybersecurity industry, Crowdstrike’s disruption was more than just a hiccup; it was a stark reminder of the vulnerabilities inherent in our interconnected digital ecosystem.

But beyond the immediate chaos and the scramble to restore services, this incident offers profound lessons for Microsoft and other tech giants striving to fortify their defenses against an ever-evolving threat landscape.

The Immediate Impact

The Crowdstrike outage disrupted services for countless organizations relying on its advanced threat intelligence and endpoint protection solutions. Businesses found themselves vulnerable, scrambling to implement contingency plans and mitigate risks.

The immediate impact was significant, but the ripple effects extended beyond the initial downtime.

The incident was a wake-up call for Microsoft, a company deeply embedded in the fabric of global IT infrastructure. Despite its extensive resources and advanced security measures, no system is impervious to failure. The Crowdstrike outage underscored the importance of resilience and adaptability in facing unforeseen challenges.

The Role of Redundancy

One of the primary takeaways from the Crowdstrike outage is the critical role of redundancy in cybersecurity infrastructure. With its vast array of cloud services and enterprise solutions, Microsoft must prioritize building and maintaining redundant systems to ensure continuity of service. This includes:

• Data Replication: Ensuring data is replicated across multiple, geographically dispersed locations to prevent loss during an outage.
• Failover Mechanisms: Implementing automatic failover mechanisms that seamlessly switch operations to backup systems in case of primary system failure.
• Diverse Network Paths: Creating diverse network paths to prevent a single point of failure from disrupting service.

Enhancing Incident Response

The speed and effectiveness of an organization’s incident response can significantly mitigate the impact of a cybersecurity event. For Microsoft, this means:

• Comprehensive Training: Regularly training staff on the latest incident response protocols and best practices.
• Simulated Drills: Conducting simulated cybersecurity drills to test and refine response strategies.
• Collaboration with Experts: Collaborating with cybersecurity experts and partners to stay ahead of emerging threats and response techniques.

The Importance of Transparency

During the Crowdstrike outage, the company’s commitment to transparency was crucial in managing customer expectations and maintaining trust. Microsoft can learn from this approach by:

• Clear Communication: Ensuring clear and timely communication with customers during incidents, providing regular updates on the status and resolution efforts.
• Detailed Post-Mortems: Conduct detailed post-mortem analyses of incidents and share findings with customers to demonstrate accountability and continuous improvement.
• Customer Support: Offering robust customer support to address concerns and provide assistance during and after incidents.

Leveraging AI and Machine Learning

Crowdstrike’s reliance on advanced threat intelligence highlights the growing importance of AI and machine learning in cybersecurity. Microsoft, already a leader in AI innovation, can further enhance its cybersecurity efforts by:

• Predictive Analytics: Utilizing AI to predict and identify potential threats before they manifest.
• Automated Response: Implementing AI-driven automated response systems that can quickly neutralize threats without human intervention.
• Continuous Learning: Ensuring that AI systems continuously learn and adapt to new threat vectors and attack patterns.

Strategic Partnerships

The interconnected nature of the digital ecosystem means that no company can operate in isolation. Strategic partnerships are essential for enhancing cybersecurity resilience. Microsoft should:

• Collaborate with Industry Peers: Work collaboratively with other tech giants and cybersecurity firms to share intelligence and develop unified defense strategies.
• Public-Private Partnerships: Work closely with government agencies and public sector organizations to bolster national and global cybersecurity efforts.
• Open Source Initiatives: Support and contribute to open source cybersecurity initiatives that promote innovation and collective defense.

The Human Element

While technology plays a pivotal role in cybersecurity, the human element remains crucial. Microsoft must focus on:

• Employee Awareness: Enhancing employee awareness and training to recognize and respond to cybersecurity threats.
• Expert Recruitment: Recruiting top cybersecurity talent to lead and innovate within the organization.
• Cultural Shift: Fostering a culture of cybersecurity awareness and vigilance across all levels of the organization.

Future-Proofing Security

The Crowdstrike outage is a stark reminder that cybersecurity is a constantly evolving field. Microsoft must remain proactive in future-proofing its security measures by:

• Regular Audits: Conducting regular security audits to identify and address vulnerabilities.
• Adopting New Technologies: Staying at the forefront of technological advancements in cybersecurity.
• Long-Term Planning: Developing long-term security strategies that anticipate and mitigate future threats.

Conclusion

The Crowdstrike outage was more than a temporary disruption; it was a critical learning opportunity for the entire tech industry, particularly for giants like Microsoft. Microsoft can strengthen its cybersecurity posture and ensure greater resilience in future challenges by focusing on redundancy, enhancing incident response, leveraging AI, fostering strategic partnerships, and emphasizing the human element.

Ultimately, the lessons learned from Crowdstrike’s experience underscore the importance of continuous improvement and adaptation in cybersecurity. As threats evolve, so must our defenses, driven by innovation, collaboration, and an unwavering commitment to protecting the digital world.

Dubbed the “digital pandemic” by some, a CrowdStrike bug triggered the infamous Blue Screen of Death (BSoD) on millions of systems worldwide. The impact was widespread, hitting airlines, banks, emergency services, and TV stations.

Despite the situation, it’s important to clarify that Microsoft is not to blame. The culprit here is a faulty driver update pushed out by cybersecurity company CrowdStrike, which caused PCs everywhere to crash. While CrowdStrike is at fault, Microsoft has been proactive, rolling out tools to help fix the affected systems.

Last week, Microsoft released a USB Recovery Tool to tackle the CrowdStrike bug.

This tool aims to speed up the repair process, allowing IT admins to restore PCs to a pre-bug state. It offers two recovery options: WinPE and safe mode. Microsoft recommends using WinPE, though there are scenarios where the safe mode option is more appropriate, particularly if BitLocker is enabled.

The recovery key isn’t available (admin rights are needed).

A new Tech Community post from Microsoft details these options and their respective pros and cons:

Recover from WinPE (Recommended)

• Quickly and directly recovers systems.
• Does not require local admin privileges.
• Manually entering the BitLocker recovery key may be required if BitLocker is enabled.
• For third-party disk encryption, refer to vendor guidelines for recovering the drive so that the remediation script can run from WinPE.

Recover from Safe Mode

• It may allow recovery on BitLocker-enabled devices without entering recovery keys.
• Requires access to an account with local administrator rights.
• Suitable for devices using TPM-only protectors, unencrypted devices, or where the BitLocker recovery key is unknown.
• If using TPM+PIN BitLocker protectors, the user must enter the PIN or use the recovery key.
• If BitLocker is not enabled, just sign in with an admin account.
• For third-party disk encryption, consult vendors to recover the drive for the remediation script to run.

Microsoft also notes that while the USB tool is preferred, some devices can’t use USB connections. In such cases, a Preboot Execution Environment (PXE) option or reimaging the device might be necessary.

We’ll update our guide on fixing the CrowdStrike Blue Screen error on Windows 11 soon, incorporating these new methods. You can also check out Microsoft’s detailed breakdown of the process.

What is the CrowdStrike Outage?

Chances are, you’ve been impacted by the CrowdStrike outage somehow.

A vast number of companies and organizations have experienced PC crashes, and repairs are still ongoing. Even if you weren’t directly affected, the incident has been a hot topic outside tech circles.

Over the weekend, I overheard people at American football practices discussing the “Microsoft outage.” Friends and colleagues have reported similar conversations in hospitals, restaurants, and casual settings.

CrowdStrike is a cybersecurity company specializing in Internet security. Their Falcon platform provides real-time attack indicators and helps security experts protect systems. Unfortunately, a buggy update to the Falcon Sensor app wreaked havoc, affecting many organizations.

The fallout grounded planes, forcing some airports to issue handwritten boarding passes. Banks, emergency services, and millions of PCs were hit hard.

While some viewed the downtime as a welcome break, the CrowdStrike outage caused significant disruption across multiple industries. Ironically, CrowdStrike’s stock plummeted, but many could not capitalize on the dip due to the bug affecting trading services.

Although a fix is now available, the repercussions of the CrowdStrike outage will be felt for a while as IT admins work tirelessly to recover and repair affected systems.

A faulty update from cybersecurity provider CrowdStrike is knocking affected PCs and servers offline, forcing them into a recovery boot loop so machines can’t start properly. CrowdStrike is widely used by many businesses worldwide to manage the security of Windows PCs and servers.

Australian banks, airlines, and TV broadcasters first raised the alarm as thousands of machines started to go offline. The issues spread fast as businesses based in Europe started their work day.

UK broadcaster Sky News could not broadcast its morning news bulletins for hours this morning and showed a message apologizing for “the interruption to this broadcast.” Ryanair, one of the biggest airlines in Europe, also says it’s experiencing a “third-party” IT issue, impacting flight departures.

The Federal Aviation Administration (FAA) says it’s assisting airlines like Delta, United, and American Airlines due to communications issues. “The FAA is closely monitoring a technical issue impacting IT systems at US airlines,” says FAA spokesperson Jeannie Shiffer in a statement to The Verge. “Several airlines have requested FAA assistance with ground stops for their fleets until the issue is resolved.”

Berlin airport also warns of travel delays due to “technical issues.” The issues have also impacted many 911 emergency call centers in Alaska. One airline in India has even turned to handwritten boarding passes due to the outages.

“CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts,” says CrowdStrike CEO George Kurtz in a post on X. “Mac and Linux hosts are not impacted. This is not a security incident or cyberattack.”

CrowdStrike says the issue has been identified, and a fix has been deployed, but fixing these machines won’t be simple for IT admins. The root cause appears to be an update to the kernel-level driver that CrowdStrike uses to secure Windows machines.

While CrowdStrike identified the issue and reverted the faulty update after “widespread reports of BSODs on Windows hosts,” it doesn’t appear to help machines that have already been impacted.

In a Reddit thread, hundreds of IT admins are reporting widespread issues. The workaround involves booting affected Windows machines into safe mode, navigating to the CrowdStrike directory, and deleting a system file. That will be troublesome on some cloud-based servers or even for Windows laptops deployed and used remotely.

“Our entire company is offline,” says one Reddit poster, while another says 70 percent of their laptops are down and stuck in a boot loop. “Happy Friday,” says one Reddit poster. It looks like IT admins worldwide will have a long day.

In what appears to be a separate outage, Microsoft is also recovering from several issues with its Microsoft 365 apps and services. The root cause of those issues was “a configuration change in a portion of our Azure backend workloads.”

With its intuitive interface, robust security features, and many improvements over its predecessors, it quickly became the go-to operating system for millions. However, as with all good things, the time has come for Windows 10 to start its journey towards the end of its support lifecycle.

This article will explore what this means for you, the consumer, and how to prepare to transition to a newer operating system.

Understanding End of Support

Before we dive into the specifics, it’s essential to understand what “end of support” actually means. Microsoft provides two types of support for its operating systems: mainstream support and extended support.

• Mainstream Support: This includes all the primary updates, including security updates, new features, and performance improvements. Mainstream support for Windows 10 ended on October 13, 2020.
• Extended Support: This phase focuses primarily on security updates and bug fixes without adding new features. Windows 10 will end its extended support on October 14, 2025.

After October 14, 2025, Microsoft will no longer provide updates or security patches for Windows 10. Any vulnerabilities discovered after this date will not be patched, exposing your system to security risks.

Why Is Microsoft Ending Support for Windows 10?

Several factors drive the decision to end support for an operating system.

Firstly, it allows Microsoft to focus its resources on newer technologies and operating systems, ensuring they remain competitive and secure. Additionally, it encourages users to migrate to newer versions, which typically offer enhanced features, better performance, and improved security.

Windows 11, released in October 2021, represents the next step in Microsoft’s vision for the future of personal computing. With its advanced features, such as a redesigned user interface, improved performance, and enhanced security measures, Windows 11 aims to provide a more modern and efficient computing experience.

What Are the Implications for Consumers?

The end of support for Windows 10 carries several implications for consumers. Understanding these can help you make informed decisions about how to proceed.

1. Security Risks – Perhaps the most significant concern is the increased security risk. Once Microsoft stops providing security updates, any new vulnerabilities discovered in Windows 10 will remain unpatched, making your system an easy target for cybercriminals and malware.
2. Software Compatibility – As time progresses, software developers will gradually stop supporting Windows 10. This means that new applications and updates to existing software may not be compatible with Windows 10, potentially leading to issues with functionality or performance.
3. Hardware Compatibility – Similar to software, hardware manufacturers will also start focusing on newer operating systems. This could result in a lack of driver support for new hardware, making it challenging to use the latest peripherals and devices with Windows 10.
4. Technical Support – While Microsoft will no longer support Windows 10, third-party technical support may still be available. However, this support will likely come at a cost and may not be as comprehensive as the support provided by Microsoft during the extended support phase.

Preparing for the Transition

Given the potential risks and challenges associated with the end of Windows 10 support, it’s crucial to start preparing for the transition to a newer operating system. Here are some steps you can take to ensure a smooth transition:

1. Evaluate Your Current System – Evaluate your current system to determine if it meets the requirements for Windows 11. Microsoft has provided a tool called the PC Health Check app, which can help you assess whether your system is compatible with Windows 11. You can start planning for the upgrade if your system meets the requirements. If not, you may need to consider purchasing a new device.
2. Backup Your Data – Before making any changes, ensure all your important data is backed up. This includes documents, photos, videos, and any other critical files. Using cloud storage solutions or external hard drives can provide extra protection for your data.
3. Plan Your Upgrade – Once you’ve determined that your system is compatible with Windows 11, plan your upgrade. Microsoft offers a free upgrade to Windows 11 for eligible Windows 10 users. You can check for updates through Windows Update or download installation media from Microsoft’s website.
4. Consider Alternatives – If your system is incompatible with Windows 11 and you’re not ready to invest in a new device, consider alternative operating systems. Linux distributions like Ubuntu or Fedora can provide a secure and modern computing experience without new hardware.
5. Stay Informed – Stay informed about the latest developments regarding Windows 10 and Windows 11. Microsoft regularly updates its support documentation and provides guidance on making the transition as smooth as possible. For the latest information, visit the [Microsoft Support](https://support.microsoft.com/) website.

Making the Transition

Transitioning to a new operating system can be daunting, but it can be a smooth and rewarding experience with the right approach. Here’s a step-by-step guide to help you through the process:

1. Check for Compatibility – Use the PC Health Check app to verify if your current system is compatible with Windows 11. The minimum system requirements include a compatible 64-bit processor, 4GB of RAM, 64GB of storage, UEFI firmware with Secure Boot capability, and TPM version 2.0. For a detailed list of requirements, visit the Windows 11 specifications page.
2. Backup Your Data – Ensure all your important data is backed up to an external drive or cloud storage. This step is crucial to prevent data loss during the upgrade process.
3. Download Windows 11 – If your system is compatible, you can download Windows 11 through Windows Update. Go to Settings > Update & Security > Windows Update and check for updates. If Windows 11 is available for your device, you’ll see an option to download and install it.
4. Perform the Upgrade – Follow the on-screen instructions to complete the upgrade process. The installation will take some time, and your computer may restart several times. Once the upgrade is complete, you’ll be greeted with the new Windows 11 interface.
5. Restore Your Data – After the upgrade is complete, restore your data from the backup and ensure that all your files and applications are functioning correctly.

Conclusion

The end of support for Windows 10 marks the beginning of a new era in personal computing. While it brings certain challenges, it also opens the door to new opportunities with Windows 11 and other modern operating systems.

By preparing in advance and making informed decisions, you can ensure a smooth transition and continue to enjoy a secure and efficient computing experience.

As we approach October 14, 2025, remember the importance of staying updated and proactive. Whether you upgrade to Windows 11 or explore other options, the key is to plan ahead and make the transition as seamless as possible.

For more detailed information and guidance, visit the official Microsoft Support website, which provides regular updates and insights on technology trends.

Stay informed, stay secure, and embrace the future of computing.

Website typo protection is now live for Edge.

Yes, you heard it right. This feature works exactly what it says on the tin.

This is a problem that many developers have ignored for way too long and has likely resulted in hundreds of millions of dollars in losses over the years. It still remains one of the most used ways for cybercriminals to trap their victims.

Malicious actors use URL typos in their nefarious practices to redirect unsuspecting users to their compromised sites or deploy infected payloads on their devices.

The concept is simple enough to understand. Every once in a while, when typing a web address in the address bar of a web browser, a user may input text with typos that are hard to notice at first glance. Doing so results in the browser pointing us to a completely different website or web resource.

Typosquatting, it is called.

Which is why this new feature that Microsoft has developed automatically detects these typos and prevents users from being redirected to malicious URLs.

As the company puts it:

“Website typo protection complements the Microsoft Defender SmartScreen service to defend against web threats. Microsoft Defender SmartScreen helps protect users against websites that engage in phishing and malware campaigns.

Typosquatters engage in phishing activities too, but there are only so many ways in which one can mistype a brand. Malicious actors know this and choose to host less aggravating content on “typosquat” URLs to avoid detection. Typosquatting site owners profit on users’ mistakes by taking them to advertising sites, affiliate links, false products, fake search engine results, or in some cases by redirecting users into parked domains reserved for very short-lived phishing campaigns.”

This new feature is as straightforward as you expect and works very smoothly.

Every time you type an address in the URL bar, Edge performs an automatic check in the background to figure out if you are being targeted by typosquatting or not. It that is the case, the browser displays a message to let you know that there might be a typo in the URL your just entered.

This new addition is now enabled by default on all platforms where Microsoft Edge is available.

Many of these improvements are visible to users, but some are not. One option in the second column is one that you will have to dig deeper to uncover.

It is improved protection against brute force attacks.

While this is the norm on other platforms and services, it is only now being rolled out on Windows. Microsoft first implemented this in Windows 2000 over two decades ago, but the company is now turning this option on by default.

The switch is flipped, starting with Windows 11 22H2, build 22528.1000 and higher.

Microsoft OS Security and Enterprise VP David Weston recently tweeted about this new protection technique to Insiders.

This security measure works just as you imagine it would. The operating system effectively locks the system after ten failed attempts to guess the local password. The presence of this makes it much harder to get into the system using brute force tactics.

According to Weston, this technique is very commonly used in Human-Operated Ransomware and other attacks. A brute force attack is also a popular way that bad actors use to get into systems, sometimes using Remote Desktop Protocol (RDP).

David Weston further confirmed that the new lockout policies are coming to Windows 10 as well.

These new policies are available in Local Group Policy Editor by navigating to Computer Configuration > Windows Settings > Security Settings > Account Lockout Policy. By default, Windows 11 locks out after ten failed attempts to guess the password in ten minutes.

But IT admins can configure these values according to their needs.

In fact, so much so that the software titan paid out almost $14 million in bug bounties last year alone!

Well, $13.7 million, if we are being honest.

Redmond detailed this in a post on the Microsoft Security Response Center blog, revealing that this amount was awarded to 327 security researchers through 15 bounty programs. The biggest reward totaled $200,000 from a remarkable 1,266 eligible vulnerability reports.

By comparison, the software titan paid out just $4.4 million over the same period last year, so you can get an idea of just how serious the company is in this space.

The security researchers that help Microsoft patch its software spend substantial amounts of time discovering and reporting security bugs, before hackers and cybercriminals can use these vulnerabilities for their nefarious purposes.

And speaking of vulnerabilities, the Redmond based company continues to address new cybersecurity threats to make it easier for researchers to share their findings.

In addition to all that is on offer, Microsoft is adding new bounty programs and offering two new research grants this year. Which comes just at the right time, with more and more people force to work from home due to the coronavirus pandemic.

The software giant is seeing increased security researcher engagement and higher report volume now than in previous years.

Makes total sense.

You know, just some terrible people trying to make a quick buck off of the coronavirus pandemic.

According to the details provided, the company has seen a steady increase in unsolicited email attachments that contain malicious Excel 4.0 macros. Apparently, the latest campaign only started around a week ago, but already has so far used several hundred unique attachments.

Scary!

This is what it looks:

And this is how it rolls:

“The emails purport to come from Johns Hopkins Center bearing ‘WHO COVID-19 SITUATION REPORT’. The Excel files open w/ security warning & show a graph of supposed coronavirus cases in the US. If allowed to run, the malicious Excel 4.0 macro downloads & runs NetSupport Manager RAT.”

Apparently, the number of malicious Excel 4.0 macros was already on the rise, according to Microsoft. But the advent of the COVID-19 meant that cybercriminals started to use it as a bait to lure in their victims.

Now we have hundreds of these macros being used out in the wild for this phishing campaign, and they all connect to the same URL that delivers a viral payload to PCs. Once infected, the attacker gains remote access to run commands on the comprised system, and install even more malware.

Rather meta, when you consider that these shady people are using the virus to deploy their own virus!

Then again, threats like these were to be expected Even forewarned.

There’s all manner of malware now running amok, masquerading as COVID-19 information, including one that can make a PC unbootable by overriding the master boot record. Now would be a good time to be on the lookout for these types of threats.

Smart computing goes a long way here.