When CrowdStrike Reminded Us of the Y2K Panic
At the dawn of the year 2000, everyone feared a computer catastrophe that ultimately did not happen. The recent CrowdStrike incident, which hit business systems, brought that era of digital panic back to mind.
What Happened?
Friday morning, around the world, Windows computers at large companies began displaying the "blue screen of death" and could no longer reboot. The cause: a faulty update to CrowdStrike Falcon Sensor, pushed at 4:09 UTC on July 18.
This outage affected airports (grounding planes), banks, hospitals, transportation, media, and stores like Starbucks, which had to close.
What is CrowdStrike Falcon Sensor?
Falcon is endpoint detection and response (EDR) software. It monitors a computer’s operations and attempts to block any malicious activity. Used by about 29,000 companies worldwide, CrowdStrike is known for thwarting major cyberattacks and giving animal-themed names to famous hacker groups.
Why Did This Happen?
An update to Falcon caused Windows to crash. Although the update was tested before deployment, some bugs only reveal themselves at a large scale.
Note: This is not necessarily Microsoft’s fault, although some media are quick to blame them.
What Are the Solutions?
CrowdStrike quickly issued a patch. Restarting the machine (up to 15 times) may resolve the problem. If not, it is necessary to restore the system to a point before the faulty update or to manually delete the problematic file.
The Extent of This Outage
This incident, while not malicious, caused massive disruptions reminiscent of the Y2K fears. As security consultant Troy Hunt said, "this is what we all worried about with Y2K, except it actually happened this time."