On July 19, 2024 an incident occurred where approximately 8.5 million Windows computers were taken offline due to a bad definition file being deployed to the CrowdStrike Falcon product. Due to the way that the definition file was formatted, the way that Windows does not allow bad drivers to be bypassed at boot time, and the way that Windows handles Antivirus products in general all contributed to the outage. It has been a year since this incident and I wanted to go over what has changed, and if it is still possible for this issue to occur in the future.

Read More

I woke up on Friday July 19, 2024, and read that there was a massive IT outage in progress that was affecting airlines, financial institutions, and various other businesses worldwide. I was aware of CrowdStrike prior to this outage, and it was not surprising to me at all that something like this finally happened at this scale. While I have never been a customer of CrowdStrike, I have used products in the past that worked in a similar manner, and they always made me nervous how they deployed updates. These updates have the potential to cripple all workstations and servers in an organization with only one minor issue, and that is exactly what happened.

Read More