On July 18th, CrowdStrike, a popular cybersecurity company, released a problematic update to its Falcon Sensor agent on Windows, causing major disruptions in various sectors around the world, including banks, airlines, and media companies. This faulty update caused Windows PCs to continuously reboot with 0x50 or 0x7E error codes, resulting in the Blue Screen of Death (BSOD).
Since yesterday, CrowdStrike and Microsoft have been providing guidance to affected customers to recover their PCs. You can check out CrowdStrike"s official guide here and Microsoft"s official guide here.
Today, Microsoft confirmed that CrowdStrike"s update issue affected 8.5 million Windows devices, less than one percent of all Windows machines. However, the broad economic and societal impacts observed yesterday reflect CrowdStrike"s usage in several critical sectors, including 911 operations in the US, mass transit in NYC, banking in several countries, and health services in Israel. According to CrowdStrike"s website, it serves over 298 of the Fortune 500 companies, 43 U.S. states, 6 of the top 10 healthcare providers, and 8 of the top 10 financial services firms.
Fixing 8.5 million affected PCs is a massive task, and full recovery may take several weeks. To expedite the recovery of these systems, Microsoft is working closely with CrowdStrike and other leading cloud vendors, including Amazon AWS and Google Cloud. CrowdStrike collaborated with Microsoft to develop a scalable solution that will help Microsoft"s Azure infrastructure accelerate the fix for CrowdStrike"s faulty update.
David Weston, Vice President of Enterprise and OS Security at Microsoft, wrote the following in a blog post explaining how they are helping customers through the CrowdStrike outage:
"This incident demonstrates the interconnected nature of our broad ecosystem - global cloud providers, software platforms, security vendors and other software vendors, and customers. It"s also a reminder of how important it is for all of us across the tech ecosystem to prioritize operating with safe deployment and disaster recovery practices using the mechanisms that exist."
As the dust settles on this unprecedented incident, the importance of collaboration and swift action in the face of widespread technological disruptions has never been clearer. The collective efforts of CrowdStrike, Microsoft, and other industry leaders demonstrate the power of a unified response in mitigating the impact of such events. This incident underscores the need for cybersecurity companies like CrowdStrike to exercise greater caution and diligence when deploying updates across a large number of systems.
Source: Microsoft