Last week, the tech sector came to a halt when millions of devices running Windows 10 faced the Blue Screen of Death (BSOD). Airlines cancelled flights, and banks and businesses stopped working for hours and we experienced one of the biggest outages in tech history. Sharing more information about the outage, Microsoft revealed that the destruction caused by a software update from cybersecurity firm CrowdStrike impacted nearly 8.5 million Windows devices. However, these devices were less than 1 percent of all machines running Windows.
While the number looks concerning, it shows how big Microsoft’s web is, powering billions of devices across the world. Nevertheless, even the 1 percent of impacted devices led to severe repercussions last week, including grounded flights, disrupted broadcasting services, and inaccessibility to essential services like healthcare and banking. Despite the relatively small percentage of affected devices, the impact was significant due to devices using CrowdStrike software to manage critical operations.
To recall, the outage that happened last week stemmed from a software update released by cybersecurity firm CrowdStrike. The bug in the update impacted the Falcon Sensor used in many critical systems. Once installed on the devices, the bug led to significant disruptions, including triggering the Blue Screen of Death (BSOD) on Windows devices. “While software updates may occasionally cause disturbances, significant incidents like the CrowdStrike event are infrequent. We currently estimate that CrowdStrike’s update affected 8.5 million Windows devices, or less than one percent of all Windows machines. While the percentage was small, the broad economic and societal impacts reflect the use of CrowdStrike by enterprises that run many critical services,” said Microsoft in the official blog post.
To address the widespread fallout, Microsoft promptly released a USB recovery tool aimed at repairing the affected devices. This tool provided two primary recovery options: recovering from WinPE (Windows Preinstallation Environment) and recovering from Safe Mode. The ‘recover from WinPE’ option allowed users to restore their machines without needing local admin privileges, although BitLocker key entry was required if encryption was enabled. For users without access to their BitLocker key, Microsoft made the ‘recover from Safe Mode’ option available, needing local admin privileges but providing an alternative recovery route for non-encrypted devices or those with unknown BitLocker keys.
Additionally, Microsoft also collaborated with major cloud service providers such as Amazon Web Services (AWS) and Google Cloud Platform (GCP) to accelerate the fix for the CrowdStrike update. CrowdStrike itself played a crucial role in developing a solution to mitigate the effects of the faulty update. These collaborative efforts ensured a coordinated response, emphasising the interconnected nature of the tech ecosystem and the importance of cooperation in addressing and resolving such widespread issues.