The CrowdStrike Outage 3 Days Later

Additional details continue to come to light following global IT outage causing industry-wide disruption

July 22, 2024

Health care and other sectors are still working to untangle the global IT outage stemming from the CrowdStrike software update.

Three days after the outage, the global cybersecurity firm has provided additional insights about what led to the issue and their efforts to address it.

“We understand the profound impact this has had on everyone,” CrowdStrike said in an statement. “We know our customers, partners, and their IT teams are working tirelessly and we’re profoundly grateful. We apologize for the disruption this has created. Our focus is clear: to restore every system as soon as possible.”

Here’s what you need to know:

• Scope and cause:  The incident affected 8.5 million Windows devices, or about 1 percent of all Windows machines. The outages stemmed from a defect in a recent CrowdStrike content update for Windows hosts, officials said.
  • “While the percentage was small, the broad economic and societal impacts reflect the use of CrowdStrike by enterprises that run many critical services,” Microsoft noted.
• Key detail:  The incident was not a cyberattack, but involved the defect found in a Falcon content update for Windows hosts.
  • Mac and Linux hosts were not impacted.
• What’s happening:  The company is working with affected companies on a potential workaround to address ongoing issues.
• Resources for hospitals:  Last week, HAP’s Emergency Management team issued a bulletin with key recommendations for the health care community, including an alert to be on guard for scammers looking to take advantage of the incident.
• Quotable:  “This incident demonstrates the interconnected nature of our broad ecosystem—global cloud providers, software platforms, security vendors and other software vendors, and customers,” Microsoft said in its update. “It’s also a reminder of how important it is for all of us across the tech ecosystem to prioritize operating with safe deployment and disaster recovery using the mechanisms that exist.” 

Additional information from Microsoft and CrowdStrike is available online.