The CrowdStrike IT outage has hit 8.5 million computers worldwide according to Microsoft. It’s essentially confirmation that it’s the biggest event of its kind in history.
“We currently estimate that CrowdStrike’s update affected 8.5 million Windows devices, or less than one percent of all Windows machines,” wrote David Weston – Microsoft Vice President, Enterprise and OS Security.
“While the percentage was small, the broad economic and societal impacts reflect the use of CrowdStrike by enterprises that run many critical services.”
DJURO SEN CHATS WITH JAYNIE SEAL ABOUT THE LATEST CROWDSTRIKE NEWS
The problem started mid-afternoon Friday (Sydney time) when people started reporting BSOD (Blue Screen of Death) in huge numbers. PCs around the world were essentially stuck in a boot loop and their users didn’t know why.
The outage was caused by a defect found in a CrowdStrike Falcon content update for Windows hosts. The issue was identified, isolated and a fix deployed a few hours later by CrowdStrike. But the damage had already been done.
“Although this was not a Microsoft incident, given it impacts our ecosystem, we want to provide an update on the steps we’ve taken with CrowdStrike and others to remediate and support our customers,” explained Weston on his blog post.
Weston also detailed what Microsoft is doing to assist.
- Engaging with CrowdStrike to automate their work on developing a solution. CrowdStrike has recommended a workaround to address this issue and has also issued a public statement. Instructions to remedy the situation on Windows endpoints were posted on the Windows Message Center.
- Deploying hundreds of Microsoft engineers and experts to work directly with customers to restore services.
- Collaborating with other cloud providers and stakeholders, including Google Cloud Platform (GCP) and Amazon Web Services (AWS), to share awareness on the state of impact we are each seeing across the industry and inform ongoing conversations with CrowdStrike and customers.
- Quickly posting manual remediation documentation and scripts found here.
- Keeping customers informed of the latest status on the incident through the Azure Status Dashboard here.
While many businesses are back online there’s still plenty of work to be done and lessons to learn.
“This incident demonstrates the interconnected nature of our broad ecosystem — global cloud providers, software platforms, security vendors and other software vendors, and customers.
“It’s also a reminder of how important it is for all of us across the tech ecosystem to prioritise operating with safe deployment and disaster recovery using the mechanisms that exist.
“As we’ve seen over the last two days, we learn, recover and move forward most effectively when we collaborate and work together.
“We appreciate the cooperation and collaboration of our entire sector, and we will continue to update with learnings and next steps.”
