Microsoft blames CrowdStrike and expects a solution soon. However, the reality shows that the error only appears in the update for Windows servers. Meanwhile, Apple and Linux servers are not affected.
CrowdStrike CEO George Kurtz took responsibility for the flaw and said a software fix had been released. Photo: Bloomberg.
“Have you tried turning it off and on?” is a familiar phrase in IT departments, but now it is repeated by Microsoft on July 19. It was seen as a piece of advice, helping to fix the faulty CrowdStrike update that knocked down thousands of PCs and Windows servers in just one day.
No cyber attacks or security incidents
Banks, airlines, television, and health systems around the world that use Microsoft 365 collectively shut down on a large scale early on July 19.
Thousands of flights and train services have been canceled globally, including more than 1,800 in the US. At the same time, many other public and retail services were also disrupted.
The incident occurred due to a technical issue after global cybersecurity company CrowdStrike updated its software. CrowdStrike is a company that provides antivirus software for Microsoft for Windows devices.
“Earlier today, the CrowdStrike update caused several IT systems around the globe to crash,” Microsoft told CBS News.
A series of devices that use Microsoft services experience errors. Photo: Bloomberg.
Late on July 19, Microsoft said it had “completed mitigation measures”. At the same time, telemetry data also indicates that all affected Microsoft 365 apps and services have been restored. “We are entering the monitoring phase to ensure that the consequences are fully resolved,” the technology company affirmed.
On the CrowdStrike side, CEO George Kurtz accepted responsibility for this error and said that a software fix has been released. He warned that it may take a while longer for the entire system to recover and return to normal.
“We are very sorry for the consequences that have been caused to customers, tourists and anyone affected by this,” Kurtz told NBC.
He said CrowdStrike is in contact with affected customers. The bug that caused this issue was found in an update for Windows servers. Mac and Linux servers are not affected. “This is not a security incident or a cyberattack. The problem has been identified, quarantined and a fix has been implemented,” the CEO said.
Difficult to restore the entire system
In an announcement on Azure, Microsoft said many customers said that trying to reboot virtual machines and PCs multiple times might work.
“We have received feedback from customers that it is necessary to restart multiple times (sometimes up to 15 times). But overall, rebooting is an effective way to fix the problem at this time,” the tech company said.
If restarting the machine 15 times doesn’t work, Microsoft recommends an alternative that many IT professionals are using today. That is to remove the faulty CrowdStrike driver.
But with Microsoft’s Azure virtual machines, the advice is to let IT staff rerun the drive and try to delete the faulty file, rather than having to boot the machine into Safe Mode
The error usage time will take several days. Photo: The National.
According to The Verge, many IT staff say that the reboot has indeed fixed the problem. It’s incredible that one of the biggest problems in the history of the tech industry can be fixed simply by turning the device off and on again, the news site said.
Speaking to Reuters, the chief information officer of identity security firm CyberArk, Omer Grossman, said that even if CrowdStrike releases a fix, the consequences will still take time to resolve. The reason is related to the Endpoint Detection & Response (EDR) system, which runs on private clients.
The endpoints have collapsed, causing a blue screen of death, so they cannot be updated remotely and the problem must be solved manually, i.e. one endpoint at a time. This process is expected to take several days,” Grossman said.
In an interview with CNBC, CrowdStrike CEO Kurtz said that many of the affected systems have begun to recover. Besides, for some customers, they can easily fix the error by restarting the computer or server.
However, he acknowledged that “some systems may not fully recover and we are working individually with each customer”. Kurtz does not provide an exact timeframe. It seems likely that many companies and organizations around the world will have to rely on their own IT departments to restore and operate systems, CBS News concluded.