RH-ISAC: CrowdStrike & Windows outages report

Cybersecurity | Jul 2024 | RH-ISAC

On July 19, 2024, significant CrowdStrike/Windows-related outages affected nearly every industry globally. While these outages are not observed to be a security issue, they do involve security software. The information below outlines the outages and how to mitigate them. Because it is technical in nature, it is best directed to a CISO or CIO.


Context

On 19 July 2024, widespread outages of Windows systems were reported across industries and global regions. According to BleepingComputer, "A faulty component in the latest CrowdStrike Falcon update is crashing Windows systems, impacting various organizations and services across the world, including airports, TV stations, and hospitals.

The glitch is affecting Windows workstations and servers, with users reporting massive outages that took offline entire companies and fleets of hundreds of thousands of computers. […] The company revealed that the culprit is a Channel File, which contains data for the sensor (e.g. Instructions). Since it is just a component of the update for the sensor, this type of file can be addressed individually without removing the Falcon Sensor update."

As of this writing, CrowdStrike maintains that the issue is not threat-related.

