94 views 2 mins 0 comments

Widespread IT Outage Due to CrowdStrike Update

In News
July 20, 2024

While the widespread outage due to a CrowdStrike update glitch was not a cyberattack, criminals quickly acted to take advantage of it, using phishing attacks. CISA has been posting updates. The most recent was yesterday evening.

Update 7:30 p.m., EDT, July 19, 2024: 

CISA continues to monitor the situation and will update this Alert to provide continued support.

Initial Alert (11:30 a.m., EDT, July 19, 2024):

CISA is aware of the widespread outage affecting Microsoft Windows hosts due to an issue with a recent CrowdStrike update and is working closely with CrowdStrike and federal, state, local, tribal and territorial (SLTT) partners, as well as critical infrastructure and international partners to assess impacts and support remediation efforts. CrowdStrike has confirmed the outage:

  • Impacts Windows 10 and later systems.
  • Does not impact Mac and Linux hosts.
  • Is due to the CrowdStrike Falcon content update and not to malicious cyber activity.

According to CrowdStrike, the issue has been identified, isolated and a fix has been deployed. CrowdStrike customer organizations should reference CrowdStrike guidance and their customer portal to resolve the issue.

Of note, CISA has observed threat actors taking advantage of this incident for phishing and other malicious activity. CISA urges organizations and individuals to remain vigilant and only follow instructions from legitimate sources. CISA recommends organizations to remind their employees to avoid clicking on phishing emails or suspicious links.

Check for later updates at CISA.gov.

CrowdStrike’s most recent update on Falcon Content Update for Windows Hosts was early this morning and can be found on their site.