
CrowdStrike Update Causes Global Microsoft Outages: What You Need to Know

TL;DR: outages affecting Microsoft VMs, no impact to OpenVPN

On the morning of July 19, millions woke to the news that businesses across the world were impacted by a global computer outage caused by a bug in an update to the cybersecurity software CrowdStrike. The outage hit a wide range of businesses and critical community infrastructure: planes were grounded, healthcare systems and banking went down, television stations went offline, and 911 dispatchers in many cities stopped functioning. In short, if your business relies on Microsoft and had CrowdStrike installed, you likely were not able to use your computers at all today. And if you work in IT, today is one you likely won’t soon forget.

Here’s what you need to know about the widespread Windows outages stemming from a faulty update pushed by cybersecurity company CrowdStrike. 

What happened with CrowdStrike and Microsoft? 

During the early morning hours of July 19, CrowdStrike issued an automatic software update to its users. This update encountered an issue with Microsoft operating systems, causing the “blue screen of death.” 

At 5:40 a.m. ET, Microsoft issued a statement: “We have been made aware of an issue impacting Virtual Machines running Windows Client and Windows Server, running the CrowdStrike Falcon agent, which may encounter a bug check (BSOD [blue screen of death]) and get stuck in a restarting state. We approximate impact started around 19:00 UTC on the 18th of July.” 

Early Friday, CrowdStrike CEO George Kurtz told customers in a post on X that the outages were caused by “a defect found in a single content update of its software on Microsoft Windows operating systems” and that “Mac and Linux hosts are not impacted.”

The affected update was pulled by Microsoft — but the damage was already done for Microsoft users across the globe. 

Who was impacted by the CrowdStrike and Microsoft error? 

Any user running a Microsoft operating system with CrowdStrike installed may have been impacted by the outage.

The outage affects the CrowdStrike Falcon Sensor product specifically, which CrowdStrike calls “the platform purpose-built to stop breaches via a unified set of cloud-delivered technologies that prevent all types of attacks—including malware and much more.”

What Should You Do if You Were Impacted? 

Now, the part that your IT team will need to know – and why you should get them a cup of coffee today. 

If your business was impacted, you will need to take a few steps. 

First, there is no patch as of this time. This was not a vulnerability or a breach, so the steps are different. 

Fortunately, the issue seems to be one that can be corrected but will take significant time and energy from IT teams. CrowdStrike has advised that each device must be manually rebooted in safe mode by an administrator, and the impacted CrowdStrike file “C-00000291*.sys” must be manually deleted.

If your business has hundreds or even thousands of Microsoft devices, this may take hours or even days to repair, because each fix has to be carried out by hand.

Was OpenVPN Impacted by the CrowdStrike error?

We want to assure you that operations at OpenVPN were not impacted by the CrowdStrike and Microsoft outage. Both CloudConnexa and Access Server services are online and operating as normal. Our robust infrastructure and proactive measures ensure that our customers can continue to rely on us. 

Access Server and CloudConnexa are up and running and do not need any updates or changes. We know you still may have questions or concerns, and our customers’ trust and satisfaction are a top priority. Please reach out to your customer success representative or our support team with any questions.
