CrowdStrike strikes the crowd of Computers


On 19 July 2024, a faulty update to security software produced by tech giant CrowdStrike disrupted computers running Microsoft Windows. CrowdStrike CEO George Kurtz apologized for the disruptions.

The 2024 CrowdStrike incident caused quite a stir in the world of cybersecurity and IT, disrupting businesses and critical services worldwide. The cybersecurity platform, relied upon by countless organizations for endpoint protection, faced an unprecedented challenge that exposed vulnerabilities in even the most robust systems.

The 2024 CrowdStrike Incident: A Perfect Storm

What Happened?

On July 19, 2024, a seemingly innocuous update to security software produced by CrowdStrike, an American cybersecurity company, turned into a digital tempest. The update affected countless computers and virtual machines running Windows 10 and Windows 11, ultimately causing them to crash. Systems running Microsoft Windows started showing the “blue screen of death”, which appears when faulty software or a faulty update causes Windows to restart or shut down unexpectedly. The U.K., India, Germany, the Netherlands, and the U.S. reported disruptions. This wasn’t just any crash; it was the largest outage in the history of information technology. Airlines, airports, banks, hospitals, stock markets, and even emergency services felt the tremors.

pic: Blue Screen of Death

Industries Disrupted:

  • Airlines: Flights delayed, passengers stranded.
  • Airports: Chaos at terminals.
  • Banks: Electronic payments hiccupped.
  • Hotels: Check-in nightmares.
  • Hospitals: Medical systems glitched.
  • Stock Markets: Nervous traders.
  • Broadcasting: News anchors blinking at blue screens.
  • Government Services: Emergency numbers on hold, websites down.

Reason:

  • CrowdStrike is known for its suite of security software products, including the flagship Falcon Sensor.
  • The Falcon Sensor installs a network sensor at the OS level to detect and prevent threats.
  • But this time, a faulty update wreaked havoc. Not a cyberattack—just a digital hiccup.

The Technical Glitch:

  • At 04:09 UTC, a configuration file update clashed with the Windows sensor client.
  • Result? The dreaded blue screen of death (yes, that one) with the stop code PAGE_FAULT_IN_NONPAGED_AREA.
  • Machines stuck in boot loops or recovery mode.
  • BitLocker-encrypted devices suffered too—recovery keys were MIA.

Windows 10 and 11: The Main Victims:

  • Windows 7 and Windows Server 2008 R2 hosts shrugged it off.
  • But if you had CrowdStrike Falcon installed, you were in the digital storm.

Economic Toll:

  • Estimated in the billions of pounds. Ouch.
  • Ciaran Martin, somewhere, sighed heavily.

Azure’s Bad Week:

  • The day before, Microsoft’s Azure cloud platform had its own hiccup.
  • Unrelated but compounded problems for affected companies.

Afterwards

The CEO of CrowdStrike apologized in a post on Twitter about the incident, which reads: “Today was not a security or cyber incident. Our customers remain fully protected. We understand the gravity of the situation and are deeply sorry for the inconvenience and disruption. We are working with all impacted customers to ensure that systems are back up and they can deliver the services their customers are counting on.”

So there you have it—the day when a software update turned the digital world topsy-turvy. But fear not, fixes were made, apologies issued, and lessons learned. Now, if only we could Ctrl+Alt+Delete our way out of real-life problems, right?

What CrowdStrike Says:

On July 19, 2024 at 04:09 UTC, as part of ongoing operations, CrowdStrike released a sensor configuration update to Windows systems. Sensor configuration updates are an ongoing part of the protection mechanisms of the Falcon platform. This configuration update triggered a logic error resulting in a system crash and blue screen (BSOD) on impacted systems.

The sensor configuration update that caused the system crash was remediated on Friday, July 19, 2024 05:27 UTC. This issue is not the result of or related to a cyberattack.
