Outage caused by CrowdStrike’s disastrous update affected 8.5 million devices
The update left airlines, banks and major companies facing the blue screen of death.
The global outage caused by a faulty update from cybersecurity provider CrowdStrike on Friday affected some 8.5 million Windows devices, Microsoft said in a blog post. The update triggered a blue screen of death, bringing systems used by hospitals, airlines, banks and other major services temporarily to a standstill. Only machines running Windows were affected.
While the issue was mostly resolved by Friday afternoon, Microsoft and CrowdStrike are still dealing with the fallout. In the blog post on Saturday, Microsoft’s VP of Enterprise and OS Security, David Weston, wrote that the company is working with CrowdStrike to “develop a scalable solution that will help Microsoft’s Azure infrastructure accelerate a fix for CrowdStrike’s faulty update.” Microsoft has also called in help from Amazon Web Services (AWS) and Google Cloud Platform (GCP).
CrowdStrike said in its own blog post on Saturday that the update — a sensor configuration update — “was designed to target newly observed, malicious named pipes being used by common C2 frameworks in cyberattacks.” Unfortunately, for devices running Windows 7.11 and above that use CrowdStrike’s Falcon sensor, it instead “triggered a logic error that resulted in an operating system crash.” The total number of devices affected worked out to be “less than one percent of all Windows machines,” according to Weston.