Risk & Repeat: Faulty CrowdStrike update causes global outage

Friday's outage, which was caused by a defective CrowdStrike channel file update, resulted in significant disruptions for airlines, critical infrastructure and more.

A faulty CrowdStrike channel file update last week disrupted millions of Windows devices, as well as countless organizations and services, in what has become one of the most high-profile security events in recent memory.

The global outage that began last Friday occurred when CrowdStrike released a defective sensor configuration update for its Falcon platform that caused Windows devices to crash and enter reboot loops. Microsoft said only 8.5 million Windows devices were affected by the error -- less than 1% of the total -- but organizations including airlines, hospitals and more suffered major service disruptions.

Although CrowdStrike responded quickly -- with assistance from Microsoft -- troubleshooting and recovery options were somewhat complicated because they require manual application. Over the weekend Microsoft released a free USB recovery tool, and both CrowdStrike and Microsoft provided a number of remediation techniques to facilitate the process.

However, despite these efforts and CrowdStrike saying this week that a "significant number" of affected devices have been restored, the recovery process is ongoing as CrowdStrike investigates the root cause of the incident.

On this episode of the Risk & Repeat podcast, TechTarget editors Rob Wright, Alex Culafi and Arielle Waldman discussed last week's outage as well as CrowdStrike's response.

Alexander Culafi is a senior information security news writer and podcast host for TechTarget Editorial.
