CrowdStrike CEO George Kurtz said the company is continuing to recover from the global IT outage, but that 97% of the company’s Windows sensors on its Falcon Security platform were back online as of Thursday.
Kurtz said the development of automated recovery technology has accelerated the incident, and following the release of a preliminary incident report earlier this week, CrowdStrike is taking steps to prevent such an incident from happening again, he said.
Kurtz personally apologized to everyone affected by the outage and expressed his gratitude to CrowdStrike customers, partners and team members who contributed to the recovery.
“To our customers who are still impacted, please know that we will not rest until we achieve a full recovery,” Kurtz wrote in a LinkedIn post. “CrowdStrike’s mission is to continue to protect our operations while earning the trust of our customers.”
CrowdStrike released a preliminary report late Tuesday, revealing that the outage was caused by an undetected error in a rapid response configuration software update for its Falcon Sensor, which resulted in the crash of approximately 8.5 million Microsoft Windows devices, less than 1% of Windows device deployments, but disrupted operations at major airlines, banks, hospitals and other critical organizations around the world.
Microsoft has released another recovery update outlining steps it is taking to make its Windows platform more resilient to prevent such large-scale outages in the future.
“This incident clearly demonstrates that Windows must prioritize change and innovation in the area of end-to-end resiliency,” John Cable, vice president of Windows servicing and delivery, said in a blog post Thursday. “These improvements must be made in tandem with ongoing improvements to security and in close collaboration with our many partners who care deeply about the security of the Windows ecosystem.”
Cable highlighted recent efforts such as the introduction of VBS enclaves, a “software-based trusted execution environment” within a host application, and in January, the company announced Microsoft Azure Attestation, a service that helps verify whether the platform can be trusted and confirm the integrity of the binaries running within it.
The incident highlighted concerns that a single point of failure could have disrupted such a wide range of critical infrastructure providers in the U.S. and around the world.
NetChoice has written to the US Senate Homeland Security and Governmental Affairs Committee requesting a hearing to examine what steps both CrowdStrike and Microsoft are taking to prevent such incidents in the future.
The House Homeland Security Committee sent Kurtz a letter earlier this week inviting him to testify about the blackouts.
Carl Szabo, vice president and general counsel at NetChoice, said the incident highlights the U.S.’s critical infrastructure and government systems’ excessive reliance on Microsoft.
“Congress needs to further explore ways to diversify our nation’s technology use and ensure that other competitors do not have the same security vulnerabilities as Microsoft products,” Szabo said in an email.
