Risk & Repeat: Faulty CrowdStrike update causes global outage

Friday's outage, which was caused by a defective CrowdStrike channel file update, resulted in significant disruptions for airlines, critical infrastructure and more.

A faulty CrowdStrike channel file update last week disrupted millions of Windows devices as well as countless organizations and services in what has become one of the most high-profile security events in recent memory.

The global outage began last Friday when CrowdStrike released a defective sensor configuration update for its Falcon platform that caused Windows devices to crash and enter reboot loops. Microsoft said only 8.5 million Windows devices were affected by the error -- less than 1% of the total. But organizations including airlines, hospitals and more suffered major service disruptions.

Although CrowdStrike responded quickly -- with assistance from Microsoft -- troubleshooting and recovery options were somewhat complicated because they required manual application. Over the weekend Microsoft released a free USB recovery tool. Both CrowdStrike and Microsoft provided a number of remediation techniques to facilitate the process.

However, despite these efforts and CrowdStrike saying this week that a "significant number" of affected devices have been restored, the recovery process is ongoing as CrowdStrike investigates the root cause of the incident.

Editor's note: This podcast was recorded before CrowdStrike published its preliminary Post Incident Review report Wednesday, which revealed that a bug in the Content Validator of the Falcon platform allowed the defective channel file update to pass validation checks before it was sent to customers. CrowdStrike said its full investigation results will be released in a forthcoming root cause analysis report.

On this episode of the Risk & Repeat podcast, TechTarget editors Rob Wright, Alex Culafi and Arielle Waldman discussed last week's outage as well as CrowdStrike's response.

This article was updated on 7/24/24.

Alexander Culafi is a senior information security news writer and podcast host for TechTarget Editorial.
