What’s Happening: CrowdStrike

The recent disruption was caused by a faulty update to CrowdStrike’s Falcon system, which is designed to prevent cyberattacks and enhance security for Windows PCs and servers. This problematic update led millions of affected machines into a persistent boot loop, significantly disrupting operations for many businesses. As reported by the Wall Street Journal, “Friday’s outage was caused by a buggy update sent to corporate clients by CrowdStrike, one of hundreds of cybersecurity firms that have built a business promising to make Windows more secure. Microsoft has its own competing product, called Windows Defender.”

CrowdStrike’s Falcon system has privileged access to the computer’s kernel, which allows it to interact deeply with the operating system. This level of access is intended to provide robust security measures but also means that any bugs or issues within the system can have severe and widespread consequences. The interaction with the kernel level contributed to the devastating impact of the bug, leading to significant disruptions for users.

The faulty update caused machines protected by CrowdStrike’s Falcon system to encounter the infamous Blue Screen of Death, halting their functionality and rendering them inoperable until the issue was resolved. The problem required a comprehensive response, including the manual installation of a new patch and the manual entry of encryption keys to restore normal operation. While this fix is time-consuming, it is feasible and necessary to address the disruption.

For affected customers, the good news is that there is a clear path to resolution. The process involves applying the corrective patch and re-entering encryption keys, which, although labor-intensive, can restore system functionality. Despite the inconvenience, the steps required to fix the issue are manageable and well-documented, ensuring that affected users can return to normal operations.

Regarding our own operations, there is no cause for concern. Based on our current information, none of our Windows-configured servers utilize CrowdStrike’s Falcon system. As a result, our services remain unaffected by the outage, and it is business as usual for us. We continue to monitor the situation closely and remain committed to providing uninterrupted support to our clients.