A faulty update from CrowdStrike resulted in a global IT outage on Friday, affecting 8.5 million Windows devices, according to Microsoft.
This number represents “less than one percent of all Windows machines,” but the widespread disruption dramatically impacted retailers, banks, airlines, and various other industries.
The problem originated from a sensor configuration update to CrowdStrike’s Falcon platform, which triggered a logic error on Windows systems. CrowdStrike detailed the issue in a technical breakdown released on Friday, explaining that the configuration files involved, known as “Channel Files,” are part of Falcon’s behavioral protection mechanisms. These files are updated several times a day to address new tactics and techniques identified by CrowdStrike.
The timeline of events was outlined by CrowdStrike:
"On July 19, 2024, at 04:09 UTC, CrowdStrike released a sensor configuration update to Windows systems. This update caused a logic error, resulting in system crashes and blue screens (BSOD) on impacted systems."
The systems affected were those running Falcon sensor for Windows 7.11 and above that downloaded the updated configuration between 04:09 UTC and 05:27 UTC.
Wardle highlighted that CrowdStrike’s channel file updates were pushed to computers regardless of settings intended to prevent automatic updates.