ETV Bharat / technology

Microsoft Outage: CrowdStrike Explains What Exactly Went Wrong

The outage took place on Friday morning worldwide, causing disruptions to flights, banks, the stock market, and many other services. Cyber-security platform CrowdStrike said the outage occurred due to a configuration update, which triggered a logic error and led to a system crash and blue screen (BSOD) on impacted systems.

The outage took place on Friday morning worldwide, causing disruptions to flights, banks, the stock market, and many other services.
Global Microsoft Outage (IANS)
author img

By IANS

Published : Jul 20, 2024, 12:48 PM IST

New Delhi: As millions of Windows computers were left crippled for hours, disrupting the services of airlines, banks, hospitals and stock exchanges worldwide, cyber-security platform CrowdStrike on Saturday tried to explain what actually went wrong at their end.

According to the company which provides third-party security updates to the Satya Nadella-run tech giant, on July 19, at 9.30 am (India time), it released a sensor configuration update to Windows systems. Sensor configuration updates are an ongoing part of the protection mechanisms of the Falcon platform.

“This configuration update triggered a logic error resulting in a system crash and blue screen (BSOD) on impacted systems,” said CrowdStrike. In a technical blog, the company said the sensor configuration update that caused the system crash was remediated at around 10.57 am. “This issue is not the result of or related to a cyberattack,” it said.

Millions of customers running Falcon sensors for Windows version 7.11 and above that were online were impacted. “Systems running Falcon sensor for Windows 7.11 and above that downloaded the updated configuration from 9.30 am to 10.57 am -- were susceptible to a system crash,” the company said.

According to it, this is not a new process and the architecture has been in place since Falcon’s inception. The update that occurred at 9.30 am was designed to target newly observed, malicious named pipes being used by common C2 frameworks in cyberattacks. The configuration update triggered a logic error that resulted in an operating system crash.

“CrowdStrike has corrected the logic error by updating the content in Channel File 291. No additional changes to Channel File 291 beyond the updated logic will be deployed. Falcon is still evaluating and protecting against the abuse of named pipes,” the company explained. Systems that are not currently impacted will continue to operate as expected, continue to provide protection, and have no risk of experiencing this event in the future.

“We understand how this issue occurred and we are doing a thorough root cause analysis to determine how this logic flaw occurred. This effort will be ongoing,” said CrowdStrike.

Read More

  1. Microsoft Outage Sparks Global Panic: Windows Users Hit by Blue Screen Chaos; Airlines Affected
  2. Passengers Face Tough Time At Airports After Global Microsoft Outage

New Delhi: As millions of Windows computers were left crippled for hours, disrupting the services of airlines, banks, hospitals and stock exchanges worldwide, cyber-security platform CrowdStrike on Saturday tried to explain what actually went wrong at their end.

According to the company which provides third-party security updates to the Satya Nadella-run tech giant, on July 19, at 9.30 am (India time), it released a sensor configuration update to Windows systems. Sensor configuration updates are an ongoing part of the protection mechanisms of the Falcon platform.

“This configuration update triggered a logic error resulting in a system crash and blue screen (BSOD) on impacted systems,” said CrowdStrike. In a technical blog, the company said the sensor configuration update that caused the system crash was remediated at around 10.57 am. “This issue is not the result of or related to a cyberattack,” it said.

Millions of customers running Falcon sensors for Windows version 7.11 and above that were online were impacted. “Systems running Falcon sensor for Windows 7.11 and above that downloaded the updated configuration from 9.30 am to 10.57 am -- were susceptible to a system crash,” the company said.

According to it, this is not a new process and the architecture has been in place since Falcon’s inception. The update that occurred at 9.30 am was designed to target newly observed, malicious named pipes being used by common C2 frameworks in cyberattacks. The configuration update triggered a logic error that resulted in an operating system crash.

“CrowdStrike has corrected the logic error by updating the content in Channel File 291. No additional changes to Channel File 291 beyond the updated logic will be deployed. Falcon is still evaluating and protecting against the abuse of named pipes,” the company explained. Systems that are not currently impacted will continue to operate as expected, continue to provide protection, and have no risk of experiencing this event in the future.

“We understand how this issue occurred and we are doing a thorough root cause analysis to determine how this logic flaw occurred. This effort will be ongoing,” said CrowdStrike.

Read More

  1. Microsoft Outage Sparks Global Panic: Windows Users Hit by Blue Screen Chaos; Airlines Affected
  2. Passengers Face Tough Time At Airports After Global Microsoft Outage

For All Latest Updates

ETV Bharat Logo

Copyright © 2024 Ushodaya Enterprises Pvt. Ltd., All Rights Reserved.