A faulty software update from cybersecurity company CrowdStrike Holdings Inc. affected 8.5 million devices worldwide based on the Microsoft Windows operating system.
Microsoft Corp. announced the complete extent of the worldwide IT outage for the primary time in a 12 months. Blog On Saturday, it was announced that lower than 1% of all Windows devices were affected. “Although the percentage was small,” the Redmond, Washington-based company said, there have been “broad economic and societal implications.”
In what’s going to go down in history as essentially the most catastrophic IT disaster, Fail The CrowdStrike update crashed the systems of firms and governments around the globe, shutting down operations for hours. Emergency lines went down. Thousands of flights were delayed or canceled. Hospitals needed to postpone treatments and trading in markets slowed.
To explain how a software update from one other company caused Windows systems to crash, Ann Johnson, deputy chief information security officer at Microsoft, used the analogy of a driver filling up his automotive with gas.
“If you have a car and you go to the gas station and you get poor quality fuel or contaminated fuel, your car is not going to run properly,” Johnson said in an interview Friday. “The fuel goes through the entire system of your engine and affects performance. It can affect the entire vehicle.”
Similarly, Johnson said, CrowdStrike “lives at a level within Microsoft Windows” to “provide the highest level of security. They live at a level that actually impacts the entire Windows infrastructure if they get something wrong.”
