On July 19, several systems came to a grinding halt in a global outage as professionals faced mass Windows BSODs (Blue Screens of Death). Although it only affected Microsoft machines, the true culprit was a dodgy CrowdStrike update, which could take weeks to fully fix.
CrowdStrike is one of the leading cybersecurity vendors, with software baked into most enterprise systems. One janky update and the whole ecosystem came crumbling down, grounding flights and trains, disrupting banks, and limiting healthcare systems to critical cases only.
Confirming it wasn’t a cyberattack, company CEO George Kurtz stated that the problem stems from an update intended to fix a bug in Windows devices. Instead, the sensor configuration “triggered a logic error.”
By July 22, CrowdStrike had identified the issue and deployed a fix. Kurtz said his team was “fully mobilised to ensure the security and stability of CrowdStrike customers.”
It’s tough to tell just how long it’ll take for everything to return to normal. Kurtz says it’ll take some time, while industry expert Adam Leon Smith says it could take “weeks.” Most affected users can’t gain access to systems to revert the patch, meaning they might need manual intervention.
Kurtz has said that he’s “deeply sorry” for the scale of the situation, which hit the majority of countries. Even when systems are back up and running, it’s difficult to believe that’ll be the end of the fallout. With so much damage done, the outage has highlighted the risk of putting all your eggs in one basket.