The infamous Windows Blue Screen of Death (BSOD) will be replaced later this summer by a new black screen as part of Microsoft’s Windows Resiliency Initiative (WRI).

Initially previewed in green, Microsoft’s bet on black at least ensures backward compatibility for the BSOD acronym.

Images of the revised color scheme can be seen in the tech giant’s “Quick machine recovery” documentation and in its blog post on the subject.

Redmond has been here before: Windows 3.1 had a black screen of death and a “blue screen of unhappiness.”

The new Windows 11 unexpected restart screen – Click to enlarge

The cosmetic rollback, scheduled to debut later this summer on all Windows 11 version 24H2 devices, coincides with functional reengineering of Windows code to better prevent, manage, and recover from security incidents.

The Windows code revision follows CrowdStrike’s faulty sensor configuration update, which took down about 8.5 million Windows machines in July 2024. We note that in April of that year, former senior White House cyber policy director AJ Grotto opined that Microsoft and its products represented a national security threat. And in June 2024, we recall Microsoft president Brad Smith being grilled by US government officials about Microsoft’s security shortcomings.

Two months after the CrowdStrike incident, in September 2024, Microsoft hosted the Windows Endpoint Security Ecosystem Summit (WESES), where vendors and customers discussed ways to make Windows less fragile.

One of the approaches to making Windows more resilient involves revising how security applications interoperate with the Windows kernel. As part of the WRI and the related Microsoft Virus Initiative (MVI), Windows is being tweaked to run security software outside of the kernel. That should make it less likely for the entire system to fail due to shoddy vendor security code.

In the aforementioned blog post, David Weston, VP of enterprise and OS security at the Windows giant, explains that the company plans to offer a private preview of the new Windows endpoint security platform to its MVI partners next month.

“The new Windows capabilities will allow them to start building their solutions to run outside the Windows kernel,” says Weston. “This means security products like anti-virus and endpoint protection solutions can run in user mode just as apps do. This change will help security developers provide a high level of reliability and easier recovery resulting in less impact on Windows devices in the event of unexpected issues.”

To signal that security vendors are onboard with the Windows revision, Weston’s post includes canned quotes from firms like … CrowdStrike.

“We spoke at WESES last year to emphasize the importance of our industry coming together and, since then, have seen significant customer interest in the progress toward greater platform resiliency,” says Alex Ionescu, Chief Technology Innovation Officer at CrowdStrike, in a statement.

“Through this collaboration, we’ve driven substantial improvements to the planned capabilities for the Windows endpoint security platform, paving the way for a more integrated high-performing security solution.”

There’s always room for improvement. ®