Global IT Outage Impacts 8.5 Million Devices

Last Friday’s global IT outage caused by a CrowdStrike update impacted 8.5 million Windows devices.

That’s according to a blog by David Weston, Microsoft’s vice president of enterprise and OS security. Those millions of devices represent less than 1% of all Windows machines. However, that 1% caused quite the impact, Weston said.

Microsoft's David Weston

“While the percentage was small, the broad economic and societal impacts reflect the use of CrowdStrike by enterprises that run many critical services,” he said. “This incident demonstrates the interconnected nature of our broad ecosystem – global cloud providers, software platforms, security vendors and other software vendors, and customers. It’s also a reminder of how important it is for all of us across the tech ecosystem to prioritize operating with safe deployment and disaster recovery using the mechanisms that exist. As we’ve seen over the last two days, we learn, recover and move forward most effectively when we collaborate and work together.” 

Recovery From Global IT Outage Continues

In the meantime, CrowdStrike said it's continuing to help customers recover from the global IT outage, which caused computers across to display the dreaded "blue screen of death."

CrowdStrike has since laid the blame on a defective channel file in a Falcon content update for Windows hosts. It did not impact Mac orLinux hosts. Moreover, CrowdStrike stated that a cyberattack had not occurred.

Related:CrowdStrike Update Disables Windows PCs Around the World

According to its latest update, CrowdStrike tested a new technique to accelerate impacted system remediation.

“We’re in the process of operationalizing an opt-in to this technique,” it said. “Customers are encouraged to follow the tech alerts for latest updates as they happen and they will be notified when action is needed.

CrowdStrike Facing Tough Questions

In a LinkedIn post, CrowdStrike said “we understand the profound impact this has had on everyone. We know our customers, partners and their IT teams are working tirelessly, and we’re profoundly grateful. We apologize for the disruption this has created. Our focus is clear: to restore every system as soon as possible.”

Among comments, Albert Sessa, senior IT support partner at Trane Technologies said “the real question I have is why do we allow any company to automatically push any updates to 8.5 million PCs?”

“We don’t let Microsoft do that at a corporate level,” he said. “Why aren’t we able to manage our CrowdStrike updates in a similar manner? We should be able to test and validate similar to other updates. One company should not be capable of causing such disruption by pushing a simple update. There needs to be better controls in place. Hopefully, this fiasco starts that conversation and initiates changes to the update process.”

And Alireza Bahrami, manager of customer support at Commvault, posted “can you elaborate on how you are helping customers to fix this?”

“Half of my crew had to go in to office for our helpdesk team to fix the boot issue in person and yet you are saying you are fixing this for customers?” he said. “Instead, better explain how did an update [get] released into production without proper testing and what were your risk controls to make sure individuals are not doing dodgy operations.”