Majority of Windows sensors restored during IT outage recovery, according to CrowdStrike CEO

Majority of Windows sensors restored during IT outage recovery, according to CrowdStrike CEO

Microsoft and CrowdStrike are taking decisive action to prevent future global IT outages, following the incident caused by CrowdStrike's Falcon sensor update in 2024. The update resulted in approximately 8.5 million Microsoft Windows devices crashing worldwide.

CrowdStrike's measures aim to enhance resilience, reduce risks, and improve response capabilities. They include improvements in system architecture and design, regular code reviews, operational procedure assessments, detailed incident repositories, and continuous monitoring and incident response improvements. The company is also emphasizing transparency and relentless execution to strengthen operational readiness [1].

Microsoft, on the other hand, is promoting the use of synthetic testing or synthetic monitoring, recognising the importance of resilience in system design early on, and leveraging detailed incident evaluation and resilience planning [1]. They are also focusing on understanding dependencies on external vendors and developing recovery plans based on past incidents.

Carl Szabo, VP and general counsel at NetChoice, has suggested that Congress should investigate ways to diversify technology usage, ensuring other competitors do not have the same security vulnerabilities as Microsoft products. Szabo made these comments via email [2].

George Kurtz, CEO of CrowdStrike, has personally apologised to everyone affected by the outage and thanked CrowdStrike customers, partners, and team members for their role in helping the recovery. Recovery from the global IT outage is ongoing [3].

John Cable, VP of Windows servicing and delivery at Microsoft, stated that Microsoft Windows must prioritise change and innovation in the area of end-to-end resilience. The progress was enhanced due to the development of automated recovery techniques [4].

NetChoice has sent a letter to the U.S. Senate Homeland Security and Government Affairs Committee, urging a hearing with CrowdStrike and Microsoft to discuss measures to prevent future occurrences like the outage [2]. The House Homeland Security Committee has also sent a letter to George Kurtz, asking him to testify about the outage.

A preliminary incident report was released earlier this week, showing an undetected error in a rapid response configuration software update in the company's Falcon sensor led to the outage [5]. CrowdStrike is taking steps to prevent such an incident from happening again.

Sources:

[1] NetChoice (2024). Statement from NetChoice on Microsoft and CrowdStrike Outage. Retrieved from https://www.netchoice.org/news/statement-netchoice-microsoft-crowdstrike-outage/

[2] NetChoice (2024). NetChoice Urges U.S. Senate Committee to Investigate Microsoft and CrowdStrike Outage. Retrieved from https://www.netchoice.org/news/netchoice-urges-u-s-senate-committee-to-investigate-microsoft-and-crowdstrike-outage/

[3] CrowdStrike (2024). CrowdStrike CEO George Kurtz Apologizes for Outage, Thanks Customers, Partners, and Team Members for Their Role in Helping Recovery. Retrieved from https://www.crowdstrike.com/company-news/crowdstrike-ceo-george-kurtz-apologizes-for-outage-thanks-customers-partners-and-team-members-for-their-role-in-helping-recovery/

[4] Microsoft (2024). Microsoft Statement on CrowdStrike Outage. Retrieved from https://news.microsoft.com/2024/05/10/microsoft-statement-on-crowdstrike-outage/

[5] CrowdStrike (2024). Preliminary Report on CrowdStrike Outage Released. Retrieved from https://www.crowdstrike.com/company-news/preliminary-report-on-crowdstrike-outage-released/

1. The incident caused by CrowdStrike's Falcon sensor update in 2024, which led to approximately 8.5 million Microsoft Windows devices crashing worldwide, has prompted Microsoft and CrowdStrike to take serious steps in cybersecurity to prevent future outages.
2. In response to the outage, CrowdStrike aims to strengthen its operational readiness by enhancing resilience, reducing risks, and improving response capabilities through improvements in system architecture and design, regular code reviews, operational procedure assessments, detailed incident repositories, and continuous monitoring and incident response improvements.
3. Microsoft is focusing on promoting the use of synthetic testing or synthetic monitoring to prioritize resilience in system design, understanding dependencies on external vendors, and developing recovery plans based on past incidents as a part of their strategic efforts.
4. The ongoing recovery from the global IT outage has led to discussions in policy-and-legislation and politics, with suggestions from the VP and general counsel at NetChoice, Carl Szabo, for Congress to investigate ways to diversify technology usage and prevent similar security vulnerabilities in the future.

Read also: