CrowdStrike CEO George Kurtz has announced that 97 percent of the Windows sensors affected by a problematic software update, which caused a global IT outage last week, have been restored. In his statement on July 25, Kurtz stated that the cybersecurity company is committed to restoring the remaining 3 percent of Windows sensors. These sensors are software components responsible for collecting information and monitoring potential cyber threats.
The outage impacted approximately 8.5 million Windows machines worldwide, causing disruptions in banks, hospitals, flights, and other operations. Republican lawmakers are demanding that Kurtz testify before Congress regarding the incident.
Kurtz emphasized CrowdStrike’s dedication to achieving full recovery for all affected customers. He also shared a preliminary post-incident review explaining that a “problematic” content configuration update for the Windows sensors was released on July 19. This update resulted in a crash of the Windows system due to an undetected error.
It is important to note that computers running Mac and Linux operating systems were not affected by this update bug.
CrowdStrike is taking steps to prevent future problems with software updates by enhancing testing and validation processes. They will also release future updates gradually and staggeredly while providing customers with more control over deployment timing and location. Detailed release notes will accompany these updates.
Founded in 2011 and based in Austin, Texas, CrowdStrike offers cloud-based software protecting computer systems from cyberattacks for tens of thousands of companies worldwide, including 300 Fortune 500 companies.
Experts highlight how this outage raises concerns about the vulnerability of global technological infrastructure. Laura DeNardis from Georgetown University emphasizes the need for multi-stakeholder strategies involving private sector entities, technical coordinating bodies, and governments to address such issues effectively.
While ordinary citizens may have limited influence over critical infrastructure security matters at large scale, DeNardis suggests several steps individuals can take to reduce cyber risks when connecting to the internet: using complex passwords; employing multi-factor authentication; keeping software up-to-date; avoiding unsecured Wi-Fi networks; and utilizing virtual private networks (VPNs).