Microsoft said only an estimated 8.5 million Windows computers were affected by the CrowdStrike Holdings Inc. update that caused widespread outages worldwide on Friday, as the companies continued to help affected customers.
The disruptions caused by an update to CrowdStrike’s Falcon security software spread across the globe throughout Friday, taking banks, airlines and government services offline and causing Windows “blue screens of death.” While the flaw was a sign of incompetence rather than a cybersecurity breach, the effects, including continued system slowdowns and problems, could continue into Sunday and into the week.
Microsoft said in a blog post on Saturday that this was “not a Microsoft incident” but that it was helping customers recover with technical guidance and support to safely bring disrupted systems back online. In addition to working with CrowdStrike, Microsoft is deploying hundreds of engineers and experts to work directly with customers.
Microsoft also said it was working with other cloud providers and stakeholders, including Google Cloud Platform and Amazon Web Services Inc., to share insights about the impact being seen across the industry and “help inform our ongoing dialogue with CrowdStrike and customers.”
“We are working around the clock to provide ongoing updates and support,” David Weston, Microsoft’s vice president of enterprise and OS security, said in a blog post. “In addition, CrowdStrike has helped us develop a scalable solution that allows Microsoft’s Azure infrastructure to help CrowdStrike accelerate the remediation of faulty updates.”
Regarding the affected PCs, Weston noted that while software updates sometimes cause outages, major incidents like the CrowdStrike outage are “rare.” And while less than 1% of Windows machines were affected, the economic and societal impacts are widespread because CrowdStrike is used by many critical services.
“This incident demonstrates the interconnectedness of our broad ecosystem – global cloud providers, software platforms, security vendors, other software vendors, and our customers,” Weston added. “And it reminds us how important it is for all of us across the technology ecosystem to use existing mechanisms to prioritize secure deployments and disaster recovery.”
The confusion caused by CrowdStrike’s update was also a topic covered by theCUBE analyst Dave Vellante, who wrote Saturday that the outage highlights the vulnerabilities of our connected world and the critical infrastructure that runs it.
While there’s no doubt that a CrowdStrike update was the cause of the outage, questions have been raised about whether some of the blame should be pointed at Microsoft.
“This incident is Microsoft’s fault, not CrowdStrike’s,” JJ Guy, CEO of exposure management firm Sevco Security Inc., told SiliconANGLE. “Correctly, CrowdStrike pushed a kernel-level update that caused widespread blue screens. Certainly, this should have been detected during QA, and we’ll no doubt get a post-mortem report detailing why it wasn’t detected during release procedures. But software bugs happen, and they’re inevitable, even for a top-tier company like CrowdStrike.”
“This is a high impact incident not because of a blue screen, but because of repeated blue screens on reboot. [appears as of now] “Repairing would require manual command-line intervention on each box, even more difficult if BitLocker is enabled,” Guy added. “This is the result of insufficient resilience in the Microsoft Windows operating system. Software that repeatedly causes failures on boot should not be automatically reloaded. We need to stop blaming CrowdStrike for one bug, when it is the behavior of the OS that is causing repeated system failures.”
Image: SiliconANGLE/Ideogram
Your vote of support matters to us and helps keep our content free.
With just one click below you can support our mission of providing free, rich, relevant content.
Join the YouTube community
Join a community of over 15,000 #CubeAlumni experts, including many notable figures and experts, such as Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more.
“TheCUBE is an important partner for the industry. You guys are really participating in our events. We really appreciate you coming. I think people also appreciate the content that you’re creating.” – Andy Jassy
thank you
