Facepalm: Businesses worldwide suffered outages on Friday due to an issue with an update from CrowdStrike’s widely-used security software. Naturally, customers and employees of the affected companies swiftly poked fun at the situation. Fortunately, CrowdStrike has provided an update on how to resolve the problem.
CrowdStrike has apologized for the debacle that sparked worldwide panic on Friday, assuring customers it has resolved the issue. Those still affected should refer to the company’s support site for detailed instructions.
The problem stems from a faulty file in a recent Falcon Sensor security system update that could cause a Blue Screen of Death on Windows systems. As a result, transportation systems, broadcasters, hospitals, emergency services, and other organizations across the globe experienced massive disruption.
– Morning Brew �*ï¸Â (@MorningBrew) July 19, 2024
In an update, the company confirmed that Windows hosts that went online after around 1:30 am EDT should be unaffected. Hosts running on the older Windows 7 and 2008 R2 operating systems are also okay. Somewhat hilariously, Southwest Airlines dodged the outage by running its systems on Windows 95. Those who aren’t experiencing any issues don’t need to take action.
Amazing — it looks like the only reason Southwest avoided being hit by the outage was because they’re still running on ancient software pic.twitter.com/MejC70h3Ip
– Morning Brew �*ï¸Â (@MorningBrew) July 19, 2024
The questionable channel file is called “C-00000291*.sys” with a 0527 UTC timestamp. Users having trouble booting Windows after CrowdStrike reverted the update can find it under %WINDIR%\System32\drivers\CrowdStrike after booting in safe mode or Windows Recovery mode. The reverted version of the file has the same name but a 0409 UTC timestamp. CrowdStrike also has detailed instructions for fixing affected virtual and cloud systems.
Meanwhile, social media was not lacking from first-hand accounts, citizen reporting, and memes galore.
Weather tracker Colin McCarthy provided a 12-hour time-lapse of dissipating air traffic from American Airlines, Delta, and United as flights across the US were grounded due to the disruption.
12-hour timelapse of American Airlines, Delta, and United plane traffic after what was likely the biggest IT outage in history forced a nationwide ground stop of the three airlines. pic.twitter.com/wwcQeiEtVe
– Colin McCarthy (@US_Stormwatch) July 19, 2024
happy international bluescreen dayð pic.twitter.com/caAvytQyS9
– sxchopea (@sxchopea) July 19, 2024
One airline customer took a photo of their first-ever handwritten boarding pass.
The Microsoft / CrowdStrike outage has taken down most airports in India. I got my first hand-written boarding pass today �… pic.twitter.com/xsdnq1Pgjr
– Akshay Kothari (@akothari) July 19, 2024
Another user on X posted an advertisement from CrowdStrike’s website warning about how digital security threats could quickly sink a business, a statement that seems wildly inappropriate now. Some might consider the incident a sign of how security software can sometimes unnecessarily burden systems.
#Crowdstrike ad aged like milk. Everyone is down across the globe pic.twitter.com/5ERszPDGcJ
– Peter Campbell ð¦ðºð¦ (@Aviator_Pete) July 19, 2024
A prevalent theme among onlookers is how Mac and Linux users were unaffected.
Mac users watching the #Crowdstrike debacle: pic.twitter.com/Pn3XVZsnfx
– �’��’�áµÂ Jony Ive (@JonyIveParody) July 19, 2024
Waking up as a Linux user today #Crowdstrike pic.twitter.com/rkC4hGQhLY
– It’s FOSS (@itsfoss2) July 19, 2024
I set my wallpaper to this so I didn’t feel like I was missing out. pic.twitter.com/rEyM9tzwEP
– Loftwah (@loftwah) July 19, 2024
One Reddit user took the opportunity to poke fun at a racecar sponsored by CrowdStrike.
George, switch the car to Safemode
byu/platinumpt informuladank
even the Mercedes F1 team are struggling with the CrowdStrike Windows BSOD outage and they’re wearing CrowdStrike t-shirts ð pic.twitter.com/vgXksdVGr0
– Tom Warren (@tomwarren) July 19, 2024
On a more serious note, the event could renew the focus on consolidation in the cybersecurity industry, as it shows the dangers of putting too many eggs into one basket. A new report from the Financial Times highlights how a handful of companies, including CrowdStrike, control at least half the market.