*** Please note, none of our customers use Crowdstrike and are not directly exposed to this issue. However, Microsoft systems are in a degraded state so issues can be felt in Azure and M365 systems. ***
This morning, news broke of Microsoft IT outages and what seemed like a system update from CrowdStrike, causing major disruptions for organizations worldwide.
It seems this isn’t a security breach or cyber attack – rather, the CrowdStrike issue appears to stem from a faulty channel file linked to the Falcon Sensor, leading to symptoms like the dreaded Blue Screen of Death. CrowdStrike has released an advisory, but unfortunately, only customers can access the full article. The blue screen issue is preventing affected machines from rebooting.
The Falcon Sensor is meant to protect systems from attacks and record any malicious activity for later analysis.
IT departments around the world are going through a tough time right now dealing with this issue. There’s a lot of manual work involved across thousands of systems that can’t be automated, so engineers will need to go on-site to fix things.
The CrowdStrike app is available on the Microsoft Azure Marketplace, and it’s likely that many cloud-based Azure environments hosting important business applications are affected by this problem. This could be causing major issues for industries like Healthcare, Airlines, and Banking.
CrowdStrike has since sorted out the problem and issued a fix. The issue seems to be with the machines that have experienced a Blue Screen of Death already, which may require some manual intervention to resolve. It’s going to be a bit of a process involving engineers diving in and out of computers, so it’s going to take some time to get this all sorted out.