Issue Resolved – Apology from CrowdStrike CEO

CrowdStrike CEO George Kurtz has apologized to the company’s customers and partners for crashing their Windows systems, and the company has described the error that caused the disaster.

The issue has been identified, isolated and a fix has been deployed.

George Kurtz, CrowdStrike founder and CEO, said:

“I want to sincerely apologize directly to all of you for today’s outage. All of CrowdStrike understands the gravity and impact of the situation. We quickly identified the issue and deployed a fix, allowing us to focus diligently on restoring customer systems as our highest priority.

The outage was caused by a defect found in a Falcon content update for Windows hosts. Mac and Linux hosts are not impacted. This was not a cyberattack.

CrowdStrike is operating normally, and this issue does not affect our Falcon platform systems. There is no impact to any protection if the Falcon sensor is installed. Falcon Complete and Falcon OverWatch services are not disrupted.

Nothing is more important to me than the trust and confidence that our customers and partners have put into CrowdStrike. As we resolve this incident, you have my commitment to provide full transparency on how this occurred and steps we’re taking to prevent anything like this from happening again.”

Ref: CrowdStrike Blog Statement on IT Outage

Details

  • Symptoms include hosts experiencing a bugcheck/blue screen error related to the Falcon sensor.
  • Windows hosts which have not been impacted do not require any action, as the problematic channel file has been reverted.
  • Windows hosts which are brought online after 0527 UTC will also not be impacted.
  • This issue is not impacting Mac- or Linux-based hosts.
  • Channel file “C-00000291*.sys” with timestamp of 0527 UTC or later is the reverted (good) version.
  • Channel file “C-00000291*.sys” with timestamp of 0409 UTC is the problematic version.

Note: It is normal for multiple “C-00000291*.sys” files to be present in the CrowdStrike directory. As long as one of the files in the folder has a timestamp of 0527 UTC or later, that will be the active content.
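The timestamp rules above can be turned into a triage check for a fleet script. The following Python sketch is an added example, not CrowdStrike's tooling: it labels each “C-00000291*.sys” file by its modification time in UTC and applies the rule from the note. The directory path and the calendar date of the incident are supplied by the caller, because this page gives only the times of day.

```python
import fnmatch
import os
from datetime import datetime, timezone

PATTERN = "C-00000291*.sys"   # channel file name pattern quoted in the details
BAD_HHMM = (4, 9)             # 0409 UTC: problematic version
GOOD_HHMM = (5, 27)           # 0527 UTC or later: reverted (good) version


def classify(mtime_epoch, incident_date):
    """Label one file timestamp as 'reverted', 'problematic' or 'other'.

    incident_date is a datetime.date chosen by the caller (assumption:
    the page states times of day only, not the calendar date).
    """
    ts = datetime.fromtimestamp(mtime_epoch, tz=timezone.utc)
    revert = datetime(incident_date.year, incident_date.month,
                      incident_date.day, *GOOD_HHMM, tzinfo=timezone.utc)
    if ts >= revert:
        return "reverted"
    if ts.date() == incident_date and (ts.hour, ts.minute) == BAD_HHMM:
        return "problematic"
    return "other"


def triage(directory, incident_date):
    """Scan a directory and return (verdict, {filename: label})."""
    labels = {}
    for entry in os.scandir(directory):
        if entry.is_file() and fnmatch.fnmatch(entry.name, PATTERN):
            labels[entry.name] = classify(entry.stat().st_mtime, incident_date)
    found = set(labels.values())
    if "reverted" in found:
        verdict = "ok"               # per the note: the reverted file is active
    elif "problematic" in found:
        verdict = "needs-attention"  # only the 0409 UTC version is present
    else:
        verdict = "unknown"          # no matching file from the incident window
    return verdict, labels


if __name__ == "__main__":
    import sys
    from datetime import date
    # usage: script.py <CrowdStrike directory> <incident date, YYYY-MM-DD>
    print(triage(sys.argv[1], date.fromisoformat(sys.argv[2])))
```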

“CrowdStrike has corrected the logic error by updating the content in Channel File 291,” CrowdStrike concluded in its blog.

That did not solve the problem, though, for the many Windows machines that had already downloaded the defective content and then crashed.

CrowdStrike Technical Glitch

A widespread IT outage affecting thousands of companies and individuals took place on Friday after a software glitch at CrowdStrike, a cybersecurity firm whose services are used by many organizations.

This resulted in a “Blue Screen of Death” error on several Microsoft Windows devices, leading to system crashes across businesses such as airlines, banks, retailers, media companies and stock markets, to name a few.

CrowdStrike has acknowledged the problem and is working on a solution. While some systems have reportedly recovered, the full extent of the damage and recovery timeline remains unknown.

What is CrowdStrike and what caused the outage?

CrowdStrike is a cybersecurity technology company founded in 2011. The company offers solutions like cloud workload protection, endpoint security, threat intelligence and cyberattack response services.

The outage is primarily attributed to a malfunctioning update from CrowdStrike’s Falcon Sensor, a component of their endpoint security software, designed to protect devices from cyber threats.

According to reports, the latest update contained a bug that caused the sensor to conflict with the Windows operating system. This resulted in the infamous ‘blue screen of death’.

Cybersecurity experts have warned the ongoing outage highlights a “critical” weakness threatening the operations of many organizations across the globe.

CrowdStrike users are urged not to download and install any update from the software until the issue is resolved.
