Microsoft Debuts ‘Quick Machine Recovery’ Tool In Wake of CrowdStrike

Written by Matt Milano
    Microsoft is continuing its work to ensure a CrowdStrike-like incident never occurs again, debuting the “Quick Machine Recovery” tool.

    Security firm CrowdStrike pushed a faulty update to customers in July 2024, causing issues for millions of Windows computers and bringing the internet to its knees. The update was able to cause the damage it did because CrowdStrike’s software runs at the kernel level, the lowest-level core of the operating system. As a result, when the faulty update was pushed out, many machines could not be fixed without physical access—not an issue for desktops and workstations, but a major issue for remote servers.

    In the wake of the incident, Microsoft has been working to address underlying issues and ensure a similar incident never occurs again. A key element of these efforts is its Quick Machine Recovery tool, outlined in a blog post by David Weston, Vice President Enterprise and OS Security at Microsoft.

    Empowering IT administrators with great tools during critical times is a top priority. Our first step is born out of the learnings from the July incident with the announcement of Quick Machine Recovery. This feature will enable IT administrators to execute targeted fixes from Windows Update on PCs, even when machines are unable to boot, without needing physical access to the PC. This remote recovery will unblock your employees from broad issues much faster than what has been possible in the past. Quick Machine Recovery will be available to the Windows Insider Program community in early 2025.

    Microsoft Touts Windows 11 Security

    Microsoft touts Windows 11 security, saying it provides better security than Windows 10, thanks to a number of features, including “TPM 2.0 and virtualization-based security by default.”

    Security is a pursuit, and not a destination. Today, I am announcing new features to help commercial customers with three longstanding challenges with Windows security — overprivileged users and applications; unverified apps and drivers; and insecure credentials and authentications. These capabilities have been top requests from customers around the world, including our internal Microsoft security team who we are working with to ensure real-world testing in preparation for scaling to our largest customers.

    Weston goes on to outline a number of features that help to bolster Windows 11 security, including reduced administrator privileges.

    • Administrator protection, currently in preview, is a new solution where users have the security of standard user permissions by default, but can still easily make system changes, including app installation, on their PCs when needed. With administrator protection, if a system change requires administrator rights, like some app installations, the user is prompted to securely authorize the change using Windows Hello. Windows creates a temporary isolated admin token to get the job done. This temporary token is immediately destroyed once the task is complete, ensuring that admin privileges do not persist. Administrator protection helps ensure that users, and not malware, remain in control of system resources. It will also be disruptive to attackers as they no longer have automatic, direct access to the kernel or other critical system security without specific Windows Hello authorization.

    Similarly, Windows 11 does more to protect credentials than previous versions of the OS.

    • Windows Hello is the built-in MFA solution on Windows. It has been further hardened and extended to support passkeys. You no longer need to choose between a simple sign-in and a safe sign-in. Windows Hello is also being used to protect Recall and Personal Data Encryption.

    In addition, Windows 11 will provide improved trusted apps and drivers, improved data protection, and better OS management and configuration.

    Nearly 40 years after its launch, Windows continues to evolve to meet the challenges of the ever-changing digital landscape and delivering on expectations for reliability and security. Security is a team effort; by collaborating with OEM partners, app developers and others we deliver Windows from chip to cloud, secure by design and default.

    Microsoft is clearly working to deliver on its promise to make security its foremost concern. The latest improvements to Windows 11 appear to be well-designed features that should go a long way toward protecting Windows users.
