A faulty CrowdStrike software update caused a widespread outage on Friday. Critical services such as airlines, banks, hospitals, and stock exchanges were impacted worldwide.
CrowdStrike announced that the recent Microsoft Windows outage was not the result of a cyberattack. CrowdStrike's statement comes as a relief to many users and businesses that rely heavily on Windows for their day-to-day operations.
What Happened?
On July 19, 2024, at 04:09 UTC, CrowdStrike released a sensor configuration update to Windows systems as part of ongoing operations.
A logic error triggered by this configuration update caused a system crash and blue screen (BSOD) on affected systems.
Customers running Falcon sensor for Windows version 7.11 and higher, who were connected to the internet between Friday, July 19, 2024, 04:09 UTC, and Friday, July 19, 2024, 05:27 UTC, might be affected.
Computers equipped with Falcon sensors for Windows 7.11 and higher that received the updated configuration from 04:09 UTC to 05:27 UTC were at risk of experiencing a system crash.
CrowdStrike has rectified the logic error by updating the content in Channel File 291. Other than the updated logic, no further changes will be implemented. Falcon is currently evaluating and safeguarding against the misuse of named pipes.
In a blog post, George Kurtz, Founder and CEO of CrowdStrike, said, “A defect in a Falcon content update for Windows hosts caused the outage. Mac and Linux hosts are not affected. It was not a cyberattack. I want to sincerely apologize directly to all of you for the outage. All of CrowdStrike understands the gravity and impact of the situation. We quickly identified the issue and deployed a fix, allowing us to focus diligently on restoring customer systems as our highest priority.”
CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not affected. CrowdStrike says it is working to ensure the security and stability of its customers.
CrowdStrike is operating normally, and this issue does not affect its Falcon platform systems. If the Falcon sensor is installed, there is no impact on protection, and Falcon Complete and Falcon OverWatch services are not disrupted.
Microsoft has acknowledged the issues with its Azure services and Microsoft 365 apps. “Our services are still seeing continuous improvements while we continue to take mitigation actions,” the company said in a post on social platform X.
Cybersecurity professionals are cautioning about a subsequent surge of disruption and harm from cybercriminals seeking to take advantage of the chaos.
The Australian Signals Directorate (ASD) released a warning regarding hackers disseminating fraudulent software updates purporting to be from CrowdStrike.
Systems running Linux or macOS do not use Channel File 291 and were not impacted. For help, visit the CrowdStrike Support Portal.