Top insights for IT pros
From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.
Time to get things back on track.
That’s what Microsoft is aiming for on the cybersecurity side after an embarrassing 2024 that was punctuated with the CrowdStrike-driven outage in July that shut down hospitals, airlines, and other major businesses. Initially thought to be a cyberattack, the CrowdStrike glitch struck Microsoft systems and set virtual machines into a restart loop, rendering them unusable.
In order to supersede further glitches, Microsoft announced in a blog post Nov. 19 that it was launching the Windows Resiliency Initiative.
Details, details. The initiative contains a number of programmatic changes that will make things easier for IT teams and administrators, including Quick Machine Recovery, a new feature that Microsoft says will enable “IT administrators to execute targeted fixes from Windows Update on PCs, even when machines are unable to boot, without needing physical access to the PC.” That feature, Microsoft said, will be open to the Windows Insider Program early next year.
The new plan will also restrict some administrator privileges to deter token theft attacks, the company said. Administrator protection, a new feature currently in development, will let administrators make some changes to systems while being contained to standard user permissions. Windows will then create temporary tokens to allow administrators to take actions as needed.
Configure this. As IT Brew reported, the CrowdStrike outage was not the only instance where Microsoft found itself in the center of controversy due to errors on the part of users and administrators. An API misconfiguration discovered by AppOmni researcher Sean Costello on November 14 affected millions of records, including 1.1 million the UK’s National Health Service.