{"id":840,"date":"2024-07-19T12:11:01","date_gmt":"2024-07-19T12:11:01","guid":{"rendered":"https:\/\/www.pedrof.com\/blog\/?p=840"},"modified":"2026-03-03T01:37:19","modified_gmt":"2026-03-03T01:37:19","slug":"major-it-disruptions-wordwide-caused-by-faulty-crowdstrike-update","status":"publish","type":"post","link":"https:\/\/www.pedrof.com\/blog\/en\/2024\/major-it-disruptions-wordwide-caused-by-faulty-crowdstrike-update\/","title":{"rendered":"Major IT disruptions worldwide caused by faulty CrowdStrike update"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">Today we are seeing major disruptions to IT infrastructure worldwide, affecting Airlines, Banks, Hospitals, Emergency services, Telecom companies, Media outlets, Payments processing, among others. [<a href=\"https:\/\/www.cnbc.com\/2024\/07\/19\/latest-live-updates-on-a-major-it-outage-spreading-worldwide.html\" data-type=\"link\" data-id=\"https:\/\/www.cnbc.com\/2024\/07\/19\/latest-live-updates-on-a-major-it-outage-spreading-worldwide.html\">1<\/a>] [<a href=\"https:\/\/www.dailymail.co.uk\/news\/article-13650333\/Sky-News-Windrush-TV-channel-technical-issues.html\" data-type=\"link\" data-id=\"https:\/\/www.dailymail.co.uk\/news\/article-13650333\/Sky-News-Windrush-TV-channel-technical-issues.html\">2<\/a>]<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The root cause seems to be a faulty update released by CrowdStrike, a Cybersecurity company, for Falcon Sensor, their Endpoint Protection solution, which caused computers to lock up and fail to start properly, showing a Blue Screen error.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In an unrelated event, Microsoft Azure Cloud services also had major issues around the time of the &#8220;CrowdStrike problem&#8221;: a Central US Azure outage (Tracking Id: 1K80-N_8). Those issues with Azure seem to be already mostly resolved. 
[<a href=\"https:\/\/www.techradar.com\/pro\/microsoft-says-its-cloud-services-are-back-up-after-major-outage\" data-type=\"link\" data-id=\"https:\/\/www.techradar.com\/pro\/microsoft-says-its-cloud-services-are-back-up-after-major-outage\">3<\/a>]<\/p>\n\n\n\n<h2 class=\"wp-block-heading has-text-align-center\">Solution for IT admins<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">As the affected computers are not running properly, unfortunately it seems they will need to be fixed one by one.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The solution seems to be:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>1. Boot into Safe mode or the Windows Recovery Environment<br>2. Run the command:<br> del \"C:\\Windows\\System32\\drivers\\CrowdStrike\\C-00000291*.sys\"<br>3. Reboot<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading has-text-align-center\">Key takeaways<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Software and Hardware Vendors have a high responsibility and should extensively test their products &#8211; both with automated tools and manually<\/li>\n\n\n\n<li>Vendors should do gradual releases of software updates, with live monitoring for issues, including those reported by clients<\/li>\n\n\n\n<li>You don&#8217;t release significant updates on a Friday!<\/li>\n\n\n\n<li>Vendors should provide easy options or tools to control updates: options to delay updates for X days or to completely disable updates should always be available to IT admins<\/li>\n\n\n\n<li>Companies at large should have mechanisms to delay or manually approve updates for their entire IT infrastructure &#8211; unfortunately this is not always easy and is largely dependent on options provided (or not provided) by Vendors<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Remember that the 3 basic principles of Cybersecurity are <strong>Confidentiality, Integrity and Availability<\/strong>. In the quest to secure systems, we should pay attention to issues like this, which end up causing as much 
disruption as a major cyberattack.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">We should also be aware that Cybersecurity is, in large part, an exercise in risk management and a balancing act between those 3 pillars.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/www.crowdstrike.com\/blog\/statement-on-falcon-content-update-for-windows-hosts\/\" data-type=\"link\" data-id=\"https:\/\/www.crowdstrike.com\/blog\/statement-on-falcon-content-update-for-windows-hosts\/\">Statement from CrowdStrike<\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/support.microsoft.com\/en-us\/topic\/b1c700e0-7317-4e95-aeee-5d67dd35b92f\" data-type=\"link\" data-id=\"https:\/\/support.microsoft.com\/en-us\/topic\/b1c700e0-7317-4e95-aeee-5d67dd35b92f\">Advice from Microsoft to solve this issue<\/a><\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"Major IT disruptions wordwide caused by faulty CrowdStrike update!\" width=\"750\" height=\"422\" src=\"https:\/\/www.youtube.com\/embed\/ILo5jfssQAA?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe>\n<\/div><\/figure>\n","protected":false},"excerpt":{"rendered":"<p>Today we are seeing major disruptions to IT infrastructure worldwide, affecting Airlines, Banks, Hospitals, Emergency services, Telecom companies, Media outlets, Payments processing, among others. 
[1] [2] The root cause seems to be a faulty update released by CrowdStrike, a Cybersecurity company, for Falcon Sensor, their Endpoint Protection solution, which caused computers to lock up and not&hellip; <a class=\"more-link\" href=\"https:\/\/www.pedrof.com\/blog\/en\/2024\/major-it-disruptions-wordwide-caused-by-faulty-crowdstrike-update\/\">Continue reading <span class=\"screen-reader-text\">Major IT disruptions worldwide caused by faulty CrowdStrike update<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":857,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[288],"tags":[94,96,88,90,69],"class_list":["post-840","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","tag-azure-en","tag-cloud-en","tag-cybersecurity","tag-microsoft-en","tag-microsoft-windows-en","entry"],"_links":{"self":[{"href":"https:\/\/www.pedrof.com\/blog\/wp-json\/wp\/v2\/posts\/840","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.pedrof.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.pedrof.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.pedrof.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.pedrof.com\/blog\/wp-json\/wp\/v2\/comments?post=840"}],"version-history":[{"count":33,"href":"https:\/\/www.pedrof.com\/blog\/wp-json\/wp\/v2\/posts\/840\/revisions"}],"predecessor-version":[{"id":909,"href":"https:\/\/www.pedrof.com\/blog\/wp-json\/wp\/v2\/posts\/840\/revisions\/909"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.pedrof.com\/blog\/wp-json\/wp\/v2\/media\/857"}],"wp:attachment":[{"href":"https:\/\/www.pedrof.com\/blog\/wp-json\/wp\/v2\/media?parent=840"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.pedrof.com\/blog\/wp-json\/wp\/v2\/categories?post=840"},{"taxonomy
":"post_tag","embeddable":true,"href":"https:\/\/www.pedrof.com\/blog\/wp-json\/wp\/v2\/tags?post=840"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}