When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Microsoft points finger at the EU for not being able to lock down Windows

Neowin · · Hot! with 51 comments

The Microsoft logo in front of the EU flag

An article published by The Wall Street Journal today ended with an interesting point raised by a Microsoft spokesman regarding the security of the Windows operating system. The spokesman, while not quoted verbatim, is said to have told the WSJ that a 2009 deal with the European Commission is the reason why Microsoft can't lock down its operating system more to boost security.

Following a complaint, the spokesman said, Microsoft agreed back in 2009 with the European Commission that it would give makers of security software the same level of access to Windows that Microsoft gets. This decision means security software vendors have a greater ability to muck up systems as CrowdStrike did this week when it crippled 8.5 million Windows PCs worldwide. Microsoft has since come to the rescue with an auto-fix tool for affected users.

The document that outlines the agreement between Microsoft and the European Commission is available as a Doc file on Microsoft's website.

The document states that Microsoft is obligated to make available its APIs in its Windows Client and Server operating systems that are used by its security products to third-party security software makers. The document says that Microsoft has to also document the APIs on the Microsoft Developer Network except where they create security risks.

Giving security software vendors access to these APIs, while good for a level playing field, which is what the EU was concerned about, it's not great for security as we saw this week when CrowdStrike knocked very important machines offline causing chaos worldwide.

Ironically, while the EU was aiming to make things fair, Apple and Google which make macOS and ChromeOS are not bound by the same restrictions... yet. According to the WSJ, Apple told developers in 2020 that its operating system would no longer give them kernel-level access. While this change meant developers had to change their software, it also meant less could go wrong.

The European Union has been ramping up measures to tackle so-called anti-competitive behavior by big tech in recent years so it's pretty unlikely to go down a path where it allows Microsoft to lock down Windows further, despite the benefits that would offer.

Source: The Wall Street Journal

Report a problem with article
CrowdStrike
Next Article

Cybercriminals exploit CrowdStrike chaos to spread Crowdstrike-hotfix.zip malware

Samsung Galaxy Z Flip6
Previous Article

Samsung Messages will no longer be the default messaging app on Galaxy Phones in the US

Join the conversation!

Login or Sign Up to read and post a comment.

51 Comments - Add comment