Previously, a CrowdStrike internal validator error resulted in a large-scale shutdown of Microsoft services worldwide, affecting approximately 850 million Windows devices. Currently, about 97% of these devices have been restored, but 3%, or approximately 25 Windows devices, have not yet been restored.
According to CrowdStrike's previous explanation, one of the two updates contained approximately 40KB of incorrect data, but it accidentally passed the CrowdStrike service verification. As a result, CrowdStrike's security threat detection tool "Falcon Sensor" failed to operate correctly, causing the Windows operating system to crash with a blue screen.
As for the impact of this incident, many people reported that their Microsoft-related services were unable to operate normally, and many Windows devices crashed and restarted. Airlines including American Airlines, United Airlines, Tigerair Taiwan, Jetstar, and Scoot were all affected. The computer systems of hospitals such as National Taiwan University Hospital and Taipei Veterans General Hospital were also affected, though some have since resumed normal operations.
CrowdStrike stated that it will take follow-up measures to prevent similar problems from happening again, including more comprehensive testing of updated content and manual testing by local developers. The measures also include confirming the correctness of updated content through content updates, rolling testing, stress testing, stability testing and other processes. It will also strengthen the verification and inspection process and the subsequent error handling process.
CrowdStrike will also deploy updates in phases to prevent a recurrence of the global update disaster. This will also provide users with greater control over updates, allowing them to adjust system update schedules to suit their business needs and avoid direct impacts on operations. Microsoft also stated that it will improve the scalability of its security products in the future to prevent similar issues from impacting system operations.



