A faulty software update from cybersecurity firm CrowdStrike caused a significant global IT outage, disrupting various industries, including airlines and hospitals, and affecting approximately 8.5 million devices. Although CrowdStrike has apologized, it has not committed to compensating affected customers, who may seek remuneration through lawsuits. Estimates suggest the financial impact could exceed $1 billion. Despite potential legal protections in its contracts, CrowdStrike's reputation has suffered, and its competitors may use this incident to attract its clients. The company's CEO emphasized ongoing efforts to restore systems and maintain customer trust.

Costs from the global outage could top $1 billion – but who pays the bill is harder to understand cnn

The article discusses the importance of eBPF (Extended Berkeley Packet Filter) in preventing catastrophic system crashes caused by problematic software updates, especially those involving kernel code. It follows an incident on July 19th, where a widespread Windows outage affected critical sectors worldwide due to a faulty kernel driver update by a security company. The article highlights how eBPF provides a secure execution environment that mitigates such risks by verifying code before execution, thus preventing system crashes. With Linux systems already leveraging eBPF, upcoming support for Windows is expected to extend these benefits across platforms. The article urges companies to require eBPF-based solutions to enhance system security and reliability.

Brendan Gregg's Blog brendangregg.com

Microsoft has released a free recovery tool to address a CrowdStrike update issue that caused the "blue screen of death" on 8.5 million Windows machines. The tool offers two repair options and supports various Windows environments, including those hosted on Hyper-V. The first option uses the Windows PE recovery environment and requires a USB drive to delete the corrupt file, although BitLocker users may need to enter recovery keys manually. The second option attempts to recover systems in safe mode and is aimed at specific configurations. Additionally, Fenix24 has developed a set of free, automated recovery scripts for Windows and VMware users to mitigate the issue without manual patching, although drive encryption may still necessitate manual intervention. Full instructions and additional details are available online for both solutions.

CrowdStrike Update: Microsoft Releases Windows Tool To Fix 8.5 Million Machines Forbes

Health system IT teams are progressively restoring computer systems and EHR access following a global outage caused by a faulty software update by CrowdStrike, which primarily impacted Windows-based computers. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has reported continued malicious activity, including phishing attempts during the outage, and is working closely with CrowdStrike and other partners to monitor threats. Many hospitals, affected in nearly every state, have experienced scheduling delays and reverted to paper charting. Microsoft has released a recovery tool to assist, with endorsements from the American Hospital Association. Health systems and IT teams are praised for their swift and effective response to maintain patient care during the disruption.

Hospital IT Teams Still Working to Resolve CrowdStrike-Related Outage Issues HCINnovationGroup