SA国际传媒

SA国际传媒

Global IT outage linked to faulty security update

CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts

Global Internet Outage

Travelers wait in line at Baltimore/Washington International Thurgood Marshall Airport in Baltimore, Friday, July 19, 2024.

AP Photo/Stephanie Scarbrough

By Michael Grothaus
Fast Company

The world is waking up to a global IT outage that has affected everything from emergency services to air travel to banks. The outage has to a faulty automated security update from cybersecurity firm CrowdStrike Holdings, which was pushed out to its customers鈥 computers. Here鈥檚 what you need to know.

What鈥檚 happened?
Tens of thousands of Windows PCs across the world are experiencing the Blue Screen of Death this morning after cybersecurity firm CrowdStrike pushed out an automatic update to its security software on its clients鈥 machines.

The update inadvertently contained a bug that forced machines that received it to crash, resulting in the Blue Screen of Death, the screen that appears on a Windows PC when there has been a critical error in the software.

Due to this bug and its resulting system crashes, services that rely on these computers are also down across the world.

Is this a cyberattack?
No. As of the time of this writing, there are no indications that the global outage is a cyberattack or hack. It appears to all stem from a bug in an update to third-party cybersecurity software used on some Windows computers.

Are all Windows PC affected?
No. It鈥檚 important to note that this outage is not the result of a flaw in Windows itself. Rather, it is a flaw with Windows security software provided by the independent cybersecurity company CrowdStrike.

Because of this, only PCs running the impacted CrowdStrike software are affected, and not every Windows PC across the world. CrowdStrike鈥檚 services are used by scores of Fortune 500 companies.

What services and businesses are impacted?
Numerous types of businesses and services are impacted in countries around the world, these include:

  • Hospitals and doctor鈥檚 offices
  • Airlines
  • Grocery stores
  • Banks
  • Retail stores
  • Emergency services
  • Small, medium, and large companies

The above list is an example of the types of institutions around the world that have been reported to be impacted in some way. Not all these types of institutions are impacted in all countries.

In some countries, impacted hospitals have had to revert to manual analog ways of processing patients in order to keep operating. At many airports, check-in counters were unable to process travelers. And in many retail stores, manned and self-checkout machines ceased to function. There have also been reports on social media that many restaurants and small businesses have had to revert to using cash only since payment terminals have also been affected.

What is CrowdStrike?
CrowdStrike Holdings, Inc. is a publicly-traded company that was founded in 2013. It is headquartered in Austin, Texas.

The company provides endpoint security software鈥攖his is software that its customers can push to all the individual devices in their company, be it their employee鈥檚 work laptops or a retailer鈥檚 point-of-sale terminals.

What has CrowdStrike said?
In a on X, CrowdStrike president and CEO George Kurtz confirmed the issue seems to have been due to a bug in CrowdStrike software.

鈥淐rowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts鈥,鈥 Kurtz wrote. 鈥淭his is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed.鈥

Are Mac and Linux computers affected?
No. If you have a Mac or a Linux computer, the CrowdStrike bug will not affect your system. It will only affect Windows PCs running CrowdStrike鈥檚 software that received the faulty software update.

When is a fix coming?
CrowdStrike says it has already identified and issued a fix for the error.

But there seems to be a hiccup. Some Windows PCs that are experiencing the Blue Screen of Death into Safe Mode or the Windows Recovery Environment so the fix can be implemented. This means that a human being may need to manually access some of the PCs that are impacted.

For companies and organizations with large in-house IT teams, this will be annoying, but at least they have the manpower to do this. However, many smaller and medium-sized businesses rely on third-party IT support, often remote.

Those support companies may need to send their IT technicians out into the field to help fix the problem on the individual PCs. But given how many individual clients those support companies have, it could take a while for their technicians to make the rounds.

How has Wall Street reacted to this?
When it comes to CrowdStrike stock, not well. As of the time of this writing shares of Crowdstrike Holdings (ticker: CRWD) are currently trading down over 14% to around $294 per share.

Fast Company 漏 2024 Mansueto Ventures, LLC.
Distributed by Tribune Content Agency, LLC.

Trending
The SS4A program funds initiatives through grants to prevent roadway deaths and serious injuries
A proposed fentanyl vaccine might be a useful addition in the fight against opioids, but it isn鈥檛 necessary to protect first responders from occupational exposure to the drug
The Highlander Fire Protection District will become the primary EMS provider for two communities in Floyd County
EMS crews used CyanoKits to treat some of the many victims of the Jefferson City house explosion