On July 19, 2024, CrowdStrike experienced a major outage caused by a faulty software update, which led to widespread disruptions across multiple sectors. Approximately 8.5 million Windows devices were affected, with many systems entering a continuous reboot loop. This outage impacted critical services, including banks, healthcare facilities, and airlines. Delta Air Lines, in particular, faced significant operational challenges with days of flight cancellations and delays, leaving numerous travelers stranded.
As of July 25, 97% of the affected Windows endpoints have been restored, thanks to the concerted efforts of CrowdStrike, its partners, and customers. However, around 250,000 devices still require remediation. CrowdStrike CEO George Kurtz acknowledged the tireless work of all involved and emphasized the company’s commitment to fully restoring all impacted systems.
[Figure: number of devices affected by the CrowdStrike outage over time, July 19 to July 25, 2024, with annotations marking significant events during the remediation process.]
The faulty update involved a new threat detection feature that, despite rigorous testing, contained problematic configuration data. The defective update, known as “Channel File 291,” passed validation but caused severe issues once deployed. This incident resulted in disruptions across various sectors, including banks, stock exchanges, doctors’ offices, hospitals, and airlines.
In response to the outage, CrowdStrike has promised to overhaul its quality assurance and testing processes. This includes rolling updates out in stages rather than pushing them to all endpoints simultaneously, so that potential issues are detected early. The company also plans to release a comprehensive root cause analysis once the investigation is complete.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has been actively involved in monitoring the situation and providing guidance to mitigate the impact of the outage. CISA has advised users and administrators to rely on legitimate sources for updates, block malicious domains, and follow CrowdStrike’s recommendations to protect against related phishing activities.
Despite the progress, the outage has had significant economic repercussions. Parametrix Solutions, a cloud outage risk modeler, estimated that Fortune 500 companies would collectively face $5.4 billion in direct losses due to the incident. This figure does not account for the intangible losses suffered by Microsoft and other affected entities.
CrowdStrike has been transparent in its response, earning praise from cybersecurity experts for its forthrightness. However, the company faced some backlash after sending $10 Uber Eats voucher codes to staff and business partners as a gesture of goodwill, which some saw as inadequate given the scale of the disruption.
For ongoing updates and detailed guidance on remediation steps, affected users and organizations are encouraged to refer to CrowdStrike’s official channels and support portal.