CrowdStrike Says Configuration Update Caused Global IT Outage

ISTANBUL — CrowdStrike announced on Wednesday that a content configuration update affecting the Falcon Sensor, which protects key risk areas, and the Windows Operating System led to a global IT outage last week.

According to Philippines News Agency, it released a content configuration update on Friday for the Windows sensor to gather telemetry on possible novel threat techniques, which are a regular part of the dynamic protection mechanisms of its Falcon platform. However, the problematic Rapid Response Content configuration update resulted in a Windows system crash. The company stated that systems in scope included Windows hosts running sensor version 7.11 and above that were online on Friday and received the update, while Mac and Linux hosts were not affected.

The defect in the content update was reverted later on Friday, as stated in the company’s preliminary post-incident review. “Automated recovery techniques, coupled with strategic service delivery partners, have rapidly accelerated resolution,” CrowdStrike wrote on X. “We can’t repeat enough, we’re aware of the impact and deeply sorry this occurred. We want to thank our customers and industry partners for their support and assistance following the release of a faulty content update. We know what happened and how to make sure it doesn’t happen again.”

The global outage hit thousands of computers around the world on Friday and caused interruptions in devices using the Windows operating system.