
A global outage issue was resolved with the deployment of a CrowdStrike fix. This fix was specifically designed to address a critical problem that was affecting users worldwide.
The issue was identified and isolated by CrowdStrike's team of experts, who worked tirelessly to develop a solution. They were able to pinpoint the root cause of the problem and create a fix that would resolve it.
The fix was deployed quickly and efficiently, with minimal disruption to users. This was made possible by CrowdStrike's advanced infrastructure and robust testing protocols.
As a result of the fix deployment, users were able to regain access to the platform and continue with their activities uninterrupted. The fix was a significant success, and it highlighted the importance of having a robust incident response plan in place.
A fresh viewpoint: Guaranteed Issue
Global Outage
A global outage was triggered on Microsoft devices across the globe, affecting major global organisations and banks.
The outage was not a security incident or cyberattack, but rather a defect found in a single content update for Windows hosts. Mac and Linux hosts were not impacted.
CrowdStrike deployed a new content update that resolved the issue, and a fix has been deployed to resolve the previously erroneous update and subsequent host issues.
According to Cyber Solutions by Thales, devices may need to reboot for the changes to take effect and for the blue screen (BSOD) issues to be resolved.
Tesserent noted that if hosts are still crashing and unable to stay online to receive the channel file changes, users can work around this issue by booting Windows into Safe Mode or the Windows Recovery Environment.
The outage hit Australian organisations on 19 July and every major company, from Foxtel to MyGov, the big four banks and supermarkets had been affected. Airlines were also experiencing issues, forcing planes to remain grounded.
Microsoft has said that the underlying cause behind the disruption in the Azure cloud service has been fixed, adding the issue with the Windows 365 personal computers was caused by a recent update to the CrowdStrike software.
CrowdStrike's Falcon Sensor threat-monitoring software was the cause which led to Microsoft’s Windows operating system to crash.
Curious to learn more? Check out: Root Cause Analysis
Technical Details
Channel Files, used by CrowdStrike, reside in the C:\Windows\System32\drivers\CrowdStrike\ directory on Windows systems. Each Channel File is assigned a number as a unique identifier.
The impacted Channel File in this event is 291, with a filename starting with "C-00000291-" and ending with a .sys extension. Channel Files, despite ending with the SYS extension, are not kernel drivers.
Channel File 291 controls how Falcon evaluates named pipe execution on Windows systems. Named pipes are used for normal, interprocess or intersystem communication in Windows.
The update that occurred at 04:09 UTC was designed to target newly observed, malicious named pipes being used by common C2 frameworks in cyberattacks. This configuration update triggered a logic error that resulted in an operating system crash.
Systems running Linux or macOS do not use Channel File 291 and were not impacted.
A different take: Rbz Extension
Root Cause and Fix
CrowdStrike's root cause analysis is ongoing to determine how the logic flaw occurred, and the company is committed to identifying foundational or workflow improvements to strengthen its process.
The root cause of the global outage was identified as a recent update to CrowdStrike's Falcon Sensor threat-monitoring software.
CrowdStrike's CEO, George Kurtz, has confirmed that a fix has been deployed to resolve the issue, and the company has set up a dedicated hub to provide Windows users with updates, remediation guidance, and best practices to mitigate the incident's impact.
The dedicated hub includes technical information about the outage, affected systems, and a statement by CEO George Kurtz, and it is frequently updated with the latest data on resolving the problems arising from the outage.
Microsoft has also said that the underlying cause behind the disruption in the Azure cloud service has been fixed, and the issue with Windows 365 personal computers was caused by the recent CrowdStrike software update.
Shares of CrowdStrike were down close to 20 percent during pre-market trade on Wall Street, and shares of Microsoft were also under pressure during pre-market trade in the US.
A different take: Ge Aerospace Has Risen during the Recent Market Slide.
Outage Resources
CrowdStrike has set up a dedicated hub that provides Windows users with updates, remediation guidance, and best practices to mitigate the incident's impact.
You can access the latest information on the CrowdStrike update and related fixes on their dedicated hub, which is frequently updated with new data.
The hub includes technical information about the outage, the affected systems, and a statement by CEO George Kurtz, providing users with a comprehensive understanding of the situation.
For the latest updates, head to the CrowdStrike information hub, which is the primary source for resolving the problems arising from the outage.
See what others are reading: What Is the Latest a Bill Collector Can Call
Featured Images: pexels.com


