In a recent statement, CrowdStrike Holdings Inc. (NASDAQ: CRWD) disclosed details concerning the outage affecting Microsoft Corp's (NASDAQ: MSFT) Windows users, attributed to a flawed security update.
What Happened: As per their press release on Wednesday, the issue originated from the Falcon platform's Rapid Response Content, a dynamic protection mechanism to detect novel threat techniques, which inadvertently caused a system crash due to an undetected error in the update. CrowdStrike noted that the affected systems were those running Windows sensor version 7.11 and above, which were online during the brief window between 04:09 UTC and 05:27 UTC on the day of the incident.
CrowdStrike has since reverted the defective update, mitigating the issue for systems coming online post-05:27 UTC or those that had not received the problematic update. The company emphasized that Mac and Linux hosts remained unaffected.
In their preliminary Post Incident Review, CrowdStrike outlined their ongoing efforts to prevent such disruptions in the future. This includes enhancing the testing and validation processes for Rapid Response Content and implementing a staggered deployment strategy to better monitor system responses during updates.
George Kurtz, CrowdStrike's CEO, extended a personal apology to customers and partners while assuring that the team is working with the affected users.
"We know that adversaries and bad actors will try to exploit events like this. I encourage everyone to remain vigilant and ensure that you're engaging with official CrowdStrike representatives. Our blog and technical support will continue to be the official channels for the latest updates," Kurtz added.
The full details of the incident will be elaborated in a forthcoming Root Cause Analysis, which CrowdStrike plans to release publicly to provide greater insight into the issue and its corrective measures.
CrowdStrike assures its users that despite the hiccup, their Falcon platform is functioning normally, and all other services, including Falcon Complete and Falcon OverWatch, have not been disrupted. The company has taken additional steps to classify the problematic channel file as known-bad in their systems to prevent future occurrences.
Why It Matters: The outage caused by CrowdStrike has had significant global implications. The CEO, George Kurtz, has been summoned by a U.S. congressional panel to testify on the global tech outage. The faulty update affected less than 1% of Windows users globally, which equates to approximately 8.5 million machines, as revealed by Microsoft.
Analysts predict that the recent global tech outage could cost over $1 billion. There are expectations of demands for remuneration and possibly lawsuits. As tech analyst Dan Ives of Wedbush Securities noted, "If you're a lawyer for CrowdStrike, you're probably not going to enjoy the rest of your summer."
Price Action: On Wednesday, Crowdstrike was trading 1.16% higher in the pre-market since its close of $268.88 on Tuesday while Microsoft was trading 0.91% lower than its previous day's close of $444.85, according to Benzinga Pro.