The CrowdStrike Microsoft outage that shook the world last week has now been resolved. CrowdStrike, while releasing the details of the technical snag, said the company released a sensor configuration update to Windows systems, which triggered a logic error resulting in a system crash and blue screen (BSOD) on impacted systems.
Also read: Microsoft Outage Forces Industry to Reflect on “Fragile and Interconnected Systems”
“CrowdStrike has corrected the logic error by updating the content in Channel File 291. No additional changes to Channel File 291 beyond the updated logic will be deployed. Falcon is still evaluating and protecting against the abuse of named pipes. This is not related to null bytes contained within Channel File 291 or any other Channel File,” added the company.
However, owing to the unprecedented impact that the Microsoft outage had all over the world, Shawn Henry, chief security officer, CrowdStrike said that they were “deeply” sorry for what had happened. “On Friday we failed you, and for that I’m deeply sorry. I’ve been in my professional life for almost 40 years, and my North Star has always been to “protect good people from bad things. For twenty four years in the FBI, I was involved in hundreds of investigations and crises…terrorist incidents, mass shootings, computer intrusions, and kidnappings. Serving the citizens, safeguarding national security, and keeping people secure is something that’s defined my professional career,” he said.
He went to add that he continued to CrowdStrike with this vision, and to protect them from adversaries, organized crime groups, and hacktivists who were ramping up their attacks on infrastructure, posing grave risk to the commercial and private sector. “We had a vision “to protect good people from bad things”, and we’ve been very successful for more than a decade. We’ve done attribution on attackers hiding in the shadows; we’ve disrupted ransomware attacks and high-risk intrusions at thousands of companies; and we’ve identified and blocked nation state adversaries seeking to exfiltrate valuable intellectual property globally,” added Henry.
Nevertheless, he accepted that the company had failed when it came to the Microsoft outage issue. “On Friday, though, we failed. The past two days have been the most challenging 48 hours for me over 12+ years. The confidence we built in drips over the years was lost in buckets within hours, and it was a gut punch. But this pales in comparison to the pain we’ve caused our customers and our partners. We let down the very people we committed to protect, and to say we’re devastated is a huge understatement. I, and the entire company, take that personally,” added Henry. He also said that CrowdStrike employees, partners and customers were working round the clock to place things back in order. “John Adams once said, “Every problem is an opportunity in disguise.” Our promise to all of you is that CrowdStrike will use this opportunity to emerge better and stronger than ever, because it’s no less than every customer and partner expects and deserves,” he said.