CrowdStrike is an endpoint security company based in Texas that protects some of the biggest multi-national brands on the planet. However, an error in the latest kernel update to its Flacon Sensor protect has caused chaos for Windows PCs worldwide
An error within critical computer code from antivirus firm CrowdStrike has caused chaos across the globe, with airlines and train operators experiencing huge delays, banks and businesses unable to accept payment, and Sky News taken off the airwaves.
The CrowdStrike issue has caused millions of Windows 10 and Windows 11 desktop PCs and laptops to be stuck on an error message, known as the Blue Screen of Death (BSDO). There is a workaround to stop the BSOD error, which has left NHS GP surgeries unable to take appointments.
A spokesperson for CrowdStrike has confirmed the global IT outage was "not a security incident or cyberattack", reassuring that “the issue has been identified, isolated, and a fix has been deployed".
With an official fix on the way, we should see this disastrous outage start to be resolved... although it promises to be a long and arduous process.
Of course, we have no idea when the CrowdStrike outage fix will be finished, but it's worth noting that installing the patched software will most likely require a human visit to every affected PC. Yes, every single one.
This could take days or even weeks as IT experts work on every cash point, supermarket checkout, airport departure board, and more.
With the devastating consequences of this botched update with us for the foreseeable future, it's a good time to examine what is CrowdStrike and how can a single company cause such widespread chaos?
CrowdStrike is a well-respected malware protection tool used by some of the biggest companies in the world.
According to figures published on its own website, CrowdStrike is used by 298 of Fortune 500 companies to shield themselves from malware and cyber-attacks. 8 out of the top 10 financial services, food and beverages, and technology companies have a relationship with CrowdStrike to use its products too.
Unlike an update from Microsoft, which usually requires you to restart your PC before it's applied, CrowdStrike can push out a new kernel driver to its clients, which is applied directly to the operating system.
If everything is working correctly, it means there's no need to rely on individuals to remember to download, install, and restart machines to guarantee that everyone is protected from the latest threats.
However, if there's an error in the code pushed out to millions, it triggers the mind-blowing level of disruption we're seeing today. There's some dispute online about whether the IT outages were caused by a single update from CrwodStrike or a "faulty channel file", something we'll likely only learn in the coming days.
CrowdStrike Falcon is the name of the latest security product from the brand, headquartered in Austin, Texas.
"The intelligent, lightweight CrowdStrike Falcon sensor, unlike any other, blocks attacks on your systems while capturing and recording activity as it happens to detect threats fast," the marketing material promises.
And yes, it was a well-intentioned change to this Falcon sensor file stored across millions of Windows PCs that appears to have triggered the issue. Cashpoints and Self Service tills reliant on CrowdStrike antivirus protection have been pictured showing the Blue Screen of Death error message from the Windows operating system — leaving them unable to process cash or contactless payments.
"The issue has been identified, isolated and a fix has been deployed," Mr Kurtz wrote on X, formerly Twitter. "We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website.
"We further recommend organizations ensure they’re communicating with CrowdStrike representatives through official channels. Our team is fully mobilized to ensure the security and stability of CrowdStrike customers."
CrowdStrike does offer its Falcon sensor protection system for macOS, but it seems the faulty channel file only impacts those who use CrowdStrike with Windows 10 or Windows 11. This has been confirmed in a statement from CrowdStrike Chief Executive George Kurtz shared on X, formerly Twitter.
"CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted," Mr Kurtz posted.
