In its first statement after the massive Microsoft outage caused by an update to CrowdStrike 'Falcon Sensor', the security firm's CEO has said the issue has been isolated and a fix has been deployed. He has also apologised for the outage's impact on customers, adding that some systems could take time to recover.
The bug has affected many stock exchanges, supermarkets and flight operations across the globe. Users are experiencing the Blue Screen of Death (BSOD) error, which is causing their systems to shut down or restart unexpectedly.
In a statement on X, CrowdStrike CEO George Kurtz said that the company is working with customers who have been impacted by a defect found in a single content update for Windows hosts, adding that Mac- and Linux-based systems have not been affected.
Emphasising that the outage is not a security incident or cyberattack, he wrote, "The issue has been identified, isolated and a fix has been deployed. We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website."
CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted. This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed. We…
— George Kurtz (@George_Kurtz) July 19, 2024
"We further recommend organizations ensure they're communicating with CrowdStrike representatives through official channels. Our team is fully mobilized to ensure the security and stability of CrowdStrike customers," he added.
Speaking to the 'Today' programme on NBC News later, Mr Kurtz said his company would make sure every customer is "fully recovered".
"We are deeply sorry for the impact that we have caused to customers, to travellers, to anyone affected by this, including our company," he was quoted as saying by news agency Reuters.
"Many of the customers are rebooting the system and it's coming up and it'll be operational… It could be some time for some systems that won't automatically recover," he added, but the company "would make sure every customer is fully recovered".
What Microsoft Said
In a statement earlier on Friday, Microsoft said, "We remain committed in treating this event with the highest priority and urgency while we continue to address the lingering impact for the Microsoft 365 apps that are in a degraded state."
"Our services are still seeing continuous improvements while we continue to take mitigation actions," it added.
Workarounds
In an advisory, the Indian Computer Emergency Response Team (CERT-In) has said the following method can be used as a workaround:
– Boot Windows into Safe Mode or the Windows Recovery Environment.
– Navigate to the C:\Windows\System32\drivers\CrowdStrike directory.
– Locate the file matching "C-00000291*.sys", and delete it.
– Boot the host normally.