Microsoft outage caused by software update from CrowdStrike

On July 18, a software update released by CrowdStrike, an independent cybersecurity firm, began to affect IT systems worldwide. Although Microsoft was not directly responsible for the incident, the impact on their ecosystem prompted the company to take immediate action to support their customers.

Microsoft outage caused by software update from CrowdStrike affected 8.5M Windows devices

From the onset of the issue, Microsoft maintained continuous communication with customers, CrowdStrike, and external developers to gather information and expedite solutions. Recognizing the disruption this event caused for businesses and individuals, Microsoft focused on providing technical guidance and support to restore affected systems.

The steps taken by Microsoft included:

• Collaboration with CrowdStrike: Microsoft engaged with CrowdStrike to automate their efforts in developing a solution. CrowdStrike recommended a workaround and issued a public statement. Instructions to remedy the situation on Windows endpoints were posted on the Windows Message Center.
• Deployment of Engineers: Hundreds of Microsoft engineers and experts were deployed to work directly with customers to restore services.
• Collaboration with Cloud Providers: Microsoft worked with other cloud providers, including Google Cloud Platform (GCP) and Amazon Web Services (AWS), to share information about the impact and inform ongoing discussions with CrowdStrike and customers.
• Provision of Remediation Resources: Microsoft quickly posted manual remediation documentation and scripts.
• Status Updates: Ongoing updates about the incident were provided through the Azure Status Dashboard.

Microsoft's efforts to address the issue included working around the clock and collaborating with CrowdStrike to develop a scalable solution to accelerate the fix for the faulty update. The collaboration extended to AWS and GCP to ensure the most effective approaches were taken.

Despite the relatively small percentage of Windows devices affected - 8.5 million or less than one percent of all Windows machines - the incident had broad economic and societal impacts due to the critical services run by enterprises using CrowdStrike.

This incident highlighted the interconnected nature of the global tech ecosystem, encompassing cloud providers, software platforms, security vendors, and customers. It underscored the importance of safe deployment and disaster recovery practices. Microsoft's Vice President of Enterprise and OS Security, David Weston, emphasized the value of collaboration and learning from such events to recover and move forward effectively. Microsoft expressed appreciation for the cooperation within the tech sector and committed to providing ongoing updates and next steps.