CrowdStrike Holdings is an American cybersecurity technology company based in Austin, Texas. It provides cloud workload protection and endpoint security, threat intelligence, and cyberattack response services to various organisations. Reportedly, over 29,000 companies, including banks, hospitals, airliners, and several Fortune 500 companies, use cybersecurity software from CrowdStrike. As per the reports of 2023 by Canalys, CrowdStrike is the world leader in endpoint security with an 18.5 per cent market share in Q2 2023. Similarly, several reports have stated that the stocks of the company have increased by 400 per cent in the last five years. This company almost instantly became a leader in cybersecurity and witnessed steady growth in its popularity in the last decade.
So what happened this Friday?
The week’s friday have seen the world’s biggest-ever IT outage wrecked computer systems across the globe. Friday’s tech glitch led to a chaos across different sectors, including aviation facing the brunt of inaccessible systems. The whole issue happened after a software update to Microsoft Azure from CrowdStrike that went horribly wrong. The faulty update led to a blue screen of death on n number of PCs that had updated their software. Both Microsoft and CrowdStrike scrambled to contain the situation and as the day progressed, Microsoft reported that several of its apps were gradually back online.
Similarly, CrowdStrike ruled out that the incident was a cyberattack. Amidst the chaos, CrowdStrike has been trending on the Internet with statements from CEO George Kurtz even as the cybersecurity company’s stock price plummeted after such outage. Microsoft has released a recovery tool that’s designed to help IT admins repair Windows machines that were impacted by CrowdStrike’s faulty update that crashed nearly 8.5 million Windows devices on Friday. The tool creates a bootable USB drive that IT admins can use to help quickly recover impacted machines.
While CrowdStrike has issued an update to fix its software that led to millions of Blue Screen of Death errors, not all machines were able to automatically receive that fix. Some issues have been reported that rebooting PCs multiple times will get the necessary update, but for others the only route is having to manually boot into Safe Mode and deleting the problematic CrowdStrike update file. Microsoft’s recovery tool has now made the recovery process less manual, by booting into its Windows PE environment via USB, accessing the disk of the affected machine, and automatically deleting the problematic CrowdStrike file to allow the machine to boot normally. This avoids the hassle of having to boot into Safe Mode or a requirement of admin rights on the machine. If a disk is protected by BitLocker encryption, the tool will prompt for the BitLocker recovery key and then continue to fix the CrowdStrike update.