CrowdStrike releases the details behind Microsoft Windows outage

A sensor configuration update for Microsoft Windows systems that went wrong was the cause of what is now being identified as possibly the largest IT outage in history.

The IT outage on July 19 started when the CrowdStrike software update triggered a logic error. This led to a system crash and caused the ‘blue screen of death’ that many saw on their affected devices.

Also Read: Microsoft recovery tool to find and remove CrowdStrike malware released

The logic error has since been corrected and systems are returning to normal around the world, said CrowdStrike in a release covering the technical details of the outage.

Those affected were largely customers running the Falcon sensor for Windows version 7.11 and above, who were online during certain intervals on July 19.

(For top technology news of the day, subscribe to our tech newsletter Today’s Cache)

All you need to know about the Microsoft outage | Watch

CrowdStrike said that sensor configuration updates were an “ongoing part of the protection mechanisms of the Falcon platform”—its endpoint protection service.

“The update that occurred at 04:09 UTC was designed to target newly observed, malicious named pipes being used by common C2 frameworks in cyberattacks. The configuration update triggered a logic error that resulted in an operating system crash,” noted CrowdStrike.

The cause of the incident was not a cyberattack, the company stressed.

Microsoft earlier said that “Virtual Machines running Windows Client and Windows Server, running the CrowdStrike Falcon agent, may encounter a bug check”.

The approximate time of impact could have been as early as 9.39 a.m. IST on July 19, when the CrowdStrike update started rolling out.

To get the latest information about fixing the error and coming back online, users can visit the CrowdStrike website’s blog or support portal. They can also reach out to the company directly.