Blog >

Major Microsoft computer failure linked to Crowdstrike

On July 19, 2024, a major computer failure affected Windows systems using Crowdstrike Falcon, an endpoint protection tool (EDR).

This outage affected several companies and organizations around the world, in various fields such as transport, hospitals, the media, supermarkets, banks, defense, etc. These impacts are very significant. 

 

Problem causing the outage

 Like all real-time detection tools, the Crowdstrike platform is updated regularly / daily. 

During its update on July 19, 2024, a problem occurred that caused the computers running the Crowdstrike agent to crash, making them fully operational.

The blue screen appears on affected computers.

Ecran Bleu Mort

Please note that the problem only affects Windows systems.

 

The problem is not linked to Microsoft

There is some confusion about this outage. But it's not linked to Microsoft. The problem is caused by Crowdstrike. 

 

Solution

In response to the problem, Crowdstrike first proposed a workaround. A security patch was released later that day.

For details of the workaround and the patch, please see this page.



Problem not yet completely solved

Although a security patch is available, manual intervention will be required on some of the affected machines. It may therefore take longer for some organizations to get back to normal.

 

What should you do if you use Crowdstrike?

Now that the Crowdstrike patch is available, all you have to do is apply the update from your centralized Crowdstrike console.

But you may also need to update some systems manually. 

You may need to communicate with your employees about the outage. This is good practice in such a situation.

 

The need for a business continuity plan and an incident response plan

An event like this, although rare, shows just how dependent we are on IT.

We recommend that organizations always have a business continuity plan that clearly sets out alternative measures for continuing to operate, in the event of an IT problem or major cyber-attack.

The incident response plan, meanwhile, will enable you to identify what actions need to be taken quickly to manage a cyber attack, in order to greatly minimize or eliminate its impacts.