Microsoft, CrowdStrike Launch IT System Recovery Solutions

Microsoft and CrowdStrike have revealed that approximately 8.5 million PCs were affected by a faulty update to the Falcon security software developed by CrowdStrike, causing significant disruption to several critical services globally. 

On Friday, July 19, MBN reported that millions of Windows users began experiencing “blue screen of death” (BSOD) issues due to a faulty Falcon antivirus update. The update, part of Falcon's Channel Files update routine, triggered a logic error that resulted in system crashes and BSOD on affected devices. 

Although the percentage of affected computers represents less than 1% of the total Windows installation base, many of these computers supported critical services such as airport check-in, hospital prescription consultation, and emergency communication services.

In response, Microsoft and CrowdStrike have collaborated to develop and distribute solutions to help enterprise IT teams recover their affected systems. The measures announced in a press release by Microsoft include:

• Deployment of Support Teams: Technical support teams from both companies have been deployed to work directly with affected customers, including recovery of cloud instances on Amazon Web Services (AWS) and Google Cloud, in addition to Microsoft's own Azure.

• Workarounds and Documentation: CrowdStrike recommended a workaround and posted detailed instructions in the Windows Message Center. Microsoft has also posted documentation and manual remediation scripts on its official portal.

• Ongoing Collaboration: Microsoft has maintained ongoing communication with CrowdStrike, other cloud providers and third-party developers to gather information and expedite remediation, ensuring that disrupted systems are safely back up and running.

“This incident demonstrates the interconnected nature of our broad ecosystem: global cloud providers, software platforms, security and other software vendors, and customers,” reads Microsoft's press release. 

In response to this situation, Andrés Velázquez, president and director of digital research, Mattica, told Expansión that many organizations' reliance on a single cybersecurity system for malware has led to a slow and manual recovery, revealing a precarious crisis management strategy in many companies.

Amit Yoran, CEO, Tenable, emphasized the need to avoid the dominance of large technology companies and stressed the importance of robust update protocols. According to Yoran, automatic upgrades can increase risks, and he recommended independent testing before deploying new versions.

“If there is one good thing to come out of this situation, it is that more consumer protection laws can be put on the table, where contracts will take into account more conditions and empower both smaller companies and end users,” said Agneris Sampieri, Policy Analyst, Acces Now, to Expansión.