Microsoft is working on the Quick Machine Recovery tool that allows administrators to fix non-starting Windows 11 systems remotely
This development stems from the CrowdStrike incident in July of this year. The global problem caused by a flawed CrowdStrike Falcon update got Microsoft thinking. Users were affected en masse by boot loops or the dreaded blue screen of death.
In response, Microsoft is launching a new Windows Resiliency Initiative in collaboration with (security) vendors. This program aims to prevent similar problems in Windows 11 systems, such as those caused by the CrowdStrike incident.
Quick Machine Recovery Tool
One of the new features is the so-called “Quick Machine Recovery” tool. This feature allows administrators to remotely apply fixes via Windows Update to PCs and laptops that won’t boot.
With this tool, end users can regain access to their devices faster, which significantly speeds up recovery processes. It is expected to be introduced early next year in the Windows Insider program.
Running software outside Windows kernel
In addition to the recovery tool, Microsoft is developing technologies allowing security software to run outside the Windows kernel. This is part of the broader Microsoft Virus Initiative (MVI), a collaboration with security vendors.
Traditionally, many security solutions use kernel drivers to detect anomalous behavior, monitor network traffic, and stop malicious processes. However, updates or drivers with errors can lead to crashes and boot problems.
Under the new initiative, Microsoft and its partners are introducing Safe Deployment Practices (SDP). This includes phased updates via “deployment rings” to minimize risk. In addition, Microsoft encourages using security solutions in user mode, such as applications. This facilitates recovery operations and reduces the impact on the system when crashes occur.
A private preview of this functionality is scheduled for July 2025.
Other announcements
Microsoft also announced a new Zero Day Quest hacking event, with a prize pool of $4 million. In addition, a new Windows 11 admin protection feature is coming into preview, securing key system resources with Windows Hello authentication.
Also read: Should CrowdStrike pay for global IT outage?