In the aftermath of the CrowdStrike outage in July, Microsoft promised to improve after saying it was a rare event. During Microsoft Ignite 2024 on Tuesday, the company shared changes happening in Windows to prevent similar incidents.

Many of these changes won’t take effect for a while. Quick Machine Recovery, launching in early 2025, will let IT admins fix software remotely even when Windows machines can’t boot. Microsoft is also testing a way for security products to run outside “kernel mode,” making them similar to regular Windows applications.

The kernel mode change, set for private preview in July 2025, aims to fix the problem behind the CrowdStrike outage. An update to CrowdStrike’s Falcon software malfunctioned, causing Windows machines to crash. David Weston, Microsoft VP, said this change will enhance security and recovery, reducing the impact of crashes.

Administrator Protection is another feature previewed by Microsoft. It will allow Windows users without admin permissions to make system changes when needed. This feature grants temporary admin privileges and destroys them after use.

Microsoft is also introducing hot-patching in preview for Windows 11 Enterprise 24H2 and Windows 365. This process downloads and applies updates in the background without the need for a restart, making users less likely to delay updates.

Microsoft is facing criticism for the CrowdStrike incident and for recent hacking incidents. The company is making security its top priority, with thousands of engineers working on cybersecurity. Security efforts are now tied to performance reviews for all employees, and Microsoft has appointed deputy chief information security officers.