
Microsoft CrowdStrike Global Outage – Everything That You Need To Know

A global Microsoft outage has gravely impacted Windows users, including those in aviation, banking, and various emergency services. Let’s find out what this outage is all about.

On 18th July 2024 (Thursday), at around 6 pm (EST), there was a Microsoft Azure outage that led to widespread service interruptions. The Windows outage did not stop there.

Across the globe, Microsoft Windows users have been impacted by a massive Microsoft outage, apparently caused by a CrowdStrike update. In this post, we’ll dive deeper, see what sectors have been impacted, and try to find a fix for this CrowdStrike issue.

If you have unexpectedly encountered a “blue screen of death” (BSOD) error on your Windows PC, you are not alone, as the Windows outage has impacted users globally. Millions of others have encountered unexpected computer shutdowns or restarts, losing unsaved data as well as time.

In most cases, the blue screen of death is accompanied by an error message stating “Your PC ran into a problem and needs to restart. We’re just collecting some error info, and then we’ll restart for you.”

Microsoft Services Affected By The Falcon Sensor Error in CrowdStrike

●     PowerBI – Service in read-only mode.

●     Microsoft Teams – Users unable to use functionalities like group chats, presence, and user registration.

●     Microsoft Fabric – Same as PowerBI.

●     Microsoft 365 – Admins not able to access the Microsoft 365 admin center, and even if they are, actions may be delayed.

●     Viva Engage – Users may be unable to access the service.

What’s even more surprising is that not just individual users, but critical sectors like banks, airports, and other emergency services have also been affected by today’s Microsoft Azure outage.

The culprit – an update from CrowdStrike. So, what is CrowdStrike, and what is the issue behind the global outage?

In response to this global issue, a Microsoft spokesperson shared this statement – “We’re aware of an issue affecting Windows devices due to an update from a third-party software platform. We anticipate a resolution is forthcoming.”

What is CrowdStrike? What is the CrowdStrike Outage All About?

CrowdStrike is a cybersecurity firm that integrates with Windows to provide advanced security. It uses cloud-based AI and machine learning to identify and remove threats in real time.

More specifically, it uses Falcon Identity Threat Protection. This uses a single sensor, unified threat interface with attack correlation across workloads, endpoints, and identity to stop any identity-driven breaches in real time.

What is The Reason Behind The CrowdStrike Outage Issue?

The conflict in the Windows system has reportedly been caused by a buggy update that caused CrowdStrike’s Falcon Sensor to malfunction.

Addressing the CrowdStrike outage issue, George Kurtz, the CEO of CrowdStrike, has assured Windows users that the outage is not the result of a cyberattack or a security incident, and that it occurred because of “a defect found in a single content update for Windows hosts.”

Here’s what he tweeted and we quote –

“CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted. This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed.

We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website. We further recommend organizations ensure they’re communicating with CrowdStrike representatives through official channels. Our team is fully mobilized to ensure the security and stability of CrowdStrike customers.”

What Do The Security Experts Have To Say?

Omar Grossman, the global chief information officer at security firm CyberArk, said this about CrowdStrike’s products – “This is a product that runs with high privileges that protects endpoints. A malfunction in this can, as we are seeing in the current incident, cause the operating system to crash.”

Addressing the issue further, he added, “The first is how customers get back online and regain continuity of business processes. It turns out that because the endpoints have crashed – the Blue Screen of Death – they cannot be updated remotely and thus the problem must be solved manually, endpoint by endpoint. This is expected to be a process that will take days.”

“The second is about what caused the malfunction. The range of possibilities ranges from human error – for instance, a developer who downloaded an update without sufficient quality control – to the complex and intriguing scenario of a deep cyberattack, prepared ahead of time and involving an attacker activating a “doomsday command” or “kill switch”. CrowdStrike’s analysis and updates in the coming days will be of the utmost interest.”

How Can The Issue Be Fixed?

Here’s one of the possible workarounds in case hosts are still crashing and unable to stay online to receive the file changes –

Step 1 – Boot Windows into Safe Mode or Windows Recovery Environment (Windows RE) as shown in this post.

Step 2 – Navigate to the C:\Windows\System32\drivers\CrowdStrike directory.

Step 3 – Locate the file matching C-00000291*.sys, and delete it.

Step 4 – Boot the host normally.
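
Steps 2 and 3 as a PowerShell function for a host already booted into Safe Mode (an added example, not from CrowdStrike, Microsoft or the original article; the function name Remove-CrowdStrikeC291File and its DriverDir parameter are made up here). It records each matching file before deleting it and supports -WhatIf, so the match can be checked before anything is removed.

```powershell
# Added example: run from an elevated PowerShell prompt in Safe Mode.
function Remove-CrowdStrikeC291File {
    [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'High')]
    param(
        # Directory from Step 2. Pass a different path if the Windows
        # volume is mounted under another drive letter.
        [string]$DriverDir = (Join-Path $env:SystemRoot 'System32\drivers\CrowdStrike')
    )

    if (-not (Test-Path -LiteralPath $DriverDir -PathType Container)) {
        Write-Warning "Directory not found: $DriverDir"
        return
    }

    # Step 3: only files matching the pattern given in the article.
    $targets = @(Get-ChildItem -LiteralPath $DriverDir -Filter 'C-00000291*.sys' -File -Force)
    if ($targets.Count -eq 0) {
        Write-Output "No file matching C-00000291*.sys in $DriverDir; nothing to delete."
        return
    }

    foreach ($file in $targets) {
        # Keep a record (hash, name, timestamp, size) of what is removed.
        $hash = (Get-FileHash -LiteralPath $file.FullName -Algorithm SHA256).Hash
        Write-Output ("{0}  {1}  {2:u}  {3} bytes" -f `
            $hash, $file.Name, $file.LastWriteTimeUtc, $file.Length)

        # Honors -WhatIf and -Confirm; nothing else in the directory is touched.
        if ($PSCmdlet.ShouldProcess($file.FullName, 'Delete')) {
            Remove-Item -LiteralPath $file.FullName -Force
        }
    }
}

# Dry run first: lists the matches and shows what would be deleted.
Remove-CrowdStrikeC291File -WhatIf

# Then delete for real (prompts per file because ConfirmImpact is High):
# Remove-CrowdStrikeC291File
```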

Closing Words

Were you affected by the MS server outage as well? If so, share your experience in the comments section below. For more such content, keep reading Tweak Library.
