An update from cybersecurity company CrowdStrike appears to have partially caused a global computer outage affecting airports, banks and other businesses on Friday.
CrowdStrike said it is in the process of rolling back the update that caused the issue, and later said a fix for the defect had been deployed.
“CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted.
“This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed,” CEO George Kurtz said in a statement on X.
Microsoft began to receive reports of issues in the early hours of July 19. Microsoft 365 for Consumers is currently back up, according to its Service Health page. However, according to its Service Health Status for its cloud services for business, enterprise apps are still experiencing disruption.
In a statement, a Microsoft spokesperson said, “We’re aware of an issue affecting Windows devices due to an update from a third-party software platform. We anticipate a resolution is forthcoming,” according to TechCrunch.
The Microsoft spokesperson said that the previous Microsoft 365 service disruption overnight July 18-19 was unrelated to the widespread outage triggered by the CrowdStrike update.
There will be a lot of questions to ask and answer about resilience, particularly in cloud services, namely how one single update could bring so much to a grinding halt around the world.
“In our view, cybersecurity products have to clear a higher bar of reliability and security in customer deployments than other technology products because they are mission critical and actively attacked by adversaries.
“In some ways, we believe this will reinforce the barrier to entry in the industry and the need for best-in-class update, outage and customer service protocols, ultimately favoring companies with scale,” Goldman Sachs analysts wrote in a research note Friday.
CrowdStrike, a giant cybersecurity firm, sells and deploys cybersecurity software globally and conducts in-depth hacker investigations.
CrowdStrike’s cybersecurity software is used by many Fortune 500 firms, including major worldwide banking, healthcare, and energy companies, to detect and block hacking attacks. Like other cybersecurity tools, the software needs extensive access to a computer’s operating system to search for such threats. The crashes on Microsoft Windows systems in this instance seem to stem from the way a CrowdStrike software code update interacts with the Windows system.
The company also helps run cybersecurity investigations for the US government. For example, CrowdStrike has tracked North Korean hackers for more than a decade, the company says. It also was tasked with tracking the hacking groups that carried out the 2014 hack on Sony Pictures.
However, CrowdStrike is most recognized for its work looking into the 2016 US election hacking attempt by Russia on the servers of the Democratic National Committee. Since 2016, spurious conspiracy theories have revolved around it, most notably since a White House transcript surfaced that claimed former President Donald Trump brought up CrowdStrike during his July 2016 phone conversation with President Volodymyr Zelensky of Ukraine, which resulted in his first impeachment.
CrowdStrike was the first to publicly sound the alarm about Russia’s meddling in the 2016 election, and CrowdStrike’s conclusion was later verified by US intelligence agencies.
The company, however, said that clients should use the support portal to get the most recent information and communicate with their CrowdStrike agents via official methods.
“Our team is fully mobilized to ensure the security and stability of CrowdStrike customers,” Kurtz added.