A global outage caused by a botched update from cybersecurity provider CrowdStrike affected about 8.5 million Windows devices on Friday, Microsoft says in a blog post. The update caused a blue screen of death, temporarily disabling systems used by hospitals, airlines, banks and other essential services. Only machines running Windows were affected.
While the issue was mostly resolved by Friday afternoon, Microsoft and CrowdStrike are still dealing with the failure. In a blog post on Saturday, David Weston, Microsoft’s vice president of Enterprise and OS Security, wrote that the company is working with CrowdStrike to “develop a scalable solution to help Microsoft’s Azure infrastructure address CrowdStrike’s bug update.” Microsoft also enlisted the help of Amazon Web Services (AWS) and Google Cloud Platform (GCP).
CrowdStrike said in a blog post on Saturday that the update — a sensor configuration update — “is designed to target newly observed maliciously named pipes used by common C2 frameworks in cyberattacks.” Unfortunately, for devices running Windows 7.11 and above that use CrowdStrike’s Falcon sensor, it “caused a logic error that resulted in an operating system crash.” According to Weston, the total number of affected devices was “less than one percent of all Windows machines.”