Neil Cybart

The CrowdStrike / Microsoft Outage Will Benefit Apple

Hello everyone. Today's update will be dedicated to discussing the CrowdStrike / Microsoft catastrophe which is still impacting the corporate world.

Let's jump in.



Here’s the WSJ:

“The blue screen of death has been a dreaded symbol of technological failure since Microsoft’s Windows became the world’s dominant operating system in the 1990s.

On Friday, it showed up on millions of computers around the world at once, highlighting both Microsoft’s continued ubiquity in workplaces and decades-old design choices that allowed the actions of a little-known software company to disable millions of Windows machines. Some security professionals also say Microsoft hasn’t taken the vulnerability of its software seriously enough…

Friday’s outage was caused by a buggy update sent to corporate clients by CrowdStrike, one of hundreds of cybersecurity firms that have built a business promising to make Windows more secure. Microsoft has its own competing product, called Windows Defender…

Many people who showed up at work Friday morning knew only one thing though: Their PCs had the blue screen of death, while Macs and Chromebooks were still working. Searches for ‘Microsoft outage’ outranked ‘CrowdStrike outage’ on Google consistently from Friday morning through Saturday morning.

Friday’s meltdown brought a trade-off inherent to Windows into sharp relief. Its open design gives developers the freedom to design powerful software that interacts with the operating system at a very deep level. But when things go wrong, the results can be catastrophic, as millions discovered on Friday.”


CrowdStrike provided some technical details on how a sensor configuration update led to what many are calling the largest IT outage in history.

The heart of the issue is that CrowdStrike’s security software (Falcon) runs at the kernel level on Windows. As a result, a Falcon crash at the kernel level led to Windows machines crashing. As part of Endpoint Security Framework (an API toolkit), Apple deprecated third-party kernel extensions in macOS Catalina in 2019. Cutting to the chase, it wouldn't be possible for a company like CrowdStrike to bring down Macs around the world. Over at 9to5Mac, Bradley Chambers took a closer look at the kernel extensions change on macOS.

The outage first came to my attention Friday morning. Upon waking up and grabbing my iPhone,
