CrowdStrike and Microsoft: all the latest news on the global IT outage – The Verge

Microsoft is building new Windows security features to prevent another CrowdStrike incident

2024-09-12T14:30:26-04:00

Microsoft is announcing plans to make changes to Windows that will help CrowdStrike and other security vendors operate outside of the Windows kernel. The announcement stems from a Microsoft-hosted security summit earlier this week at the company's Redmond, Washington, headquarters, where it discussed changes to Windows in the wake of the disastrous CrowdStrike incident in July.

Windows kernel access has been a hot topic ever since the CrowdStrike catastrophe took down 8.5 million Windows PCs and servers. CrowdStrike's software runs at the kernel level of Windows - the core part of an operating system that has unrestricted access to system m …

Read the full story at The Verge.

CrowdStrike exec will testify to Congress about July’s global IT meltdown

2024-08-30T12:46:06-04:00

A senior CrowdStrike executive will testify before the House Homeland Security Committee next month about the IT outage that grounded planes and workplaces to a halt globally on July 19th.

Adam Meyers, CrowdStrike's senior vice president of counter adversary operations, has agreed to appear before the panel on September 24th at 2PM ET, the committee announced. Committee leaders had previously called on CEO George Kurtz to testify, but he's not currently listed as a witness.

In a statement, Committee Chair Mark Green (R-TN) said that while he'd hoped Kurtz could attend, "I look forward to hearing testimony from Mr. Meyers, who CrowdStrike a …

Read the full story at The Verge.

Microsoft to host CrowdStrike and others to discuss Windows security changes

2024-08-23T11:00:00-04:00

Microsoft is hosting an important summit on Windows security at its Redmond, Washington, headquarters next month. The Windows Endpoint Security Ecosystem Summit on September 10th will bring together Microsoft engineers and vendors like CrowdStrike to discuss improvements to Windows security and third-party best practices to try and prevent another CrowdStrike incident.

"Microsoft, CrowdStrike and key partners who deliver endpoint security technologies will come together for discussions about improving resiliency and protecting mutual customers' critical infrastructure," says Aidan Marcuss, corporate vice president of Microsoft Windows and d …

Read the full story at The Verge.

CrowdStrike accepted a ‘Most Epic Fail’ award at Def Con hacking conference

2024-08-12T10:44:16-04:00

CrowdStrike president Michael Sentonas personally accepted a "Most Epic Fail" award over the weekend at the annual Las Vegas Def Con hacking conference for the company's software update that caused a global IT outage last month. While accepting the award, he said it was "super important to own it when you do things horribly wrong, which we did in this case."

The Pwnie Awards, given out in an annual ceremony at Def Con, celebrate "the achievements (and failures) of security researchers and the security community." This year's categories included awards for mobile, desktop, and crypto bugs, one for "Lamest Vendor Response," and an "Epic Achie …

Read the full story at The Verge.

Microsoft says Delta ignored Satya Nadella’s offer of CrowdStrike help

2024-08-06T12:00:00-04:00

Microsoft has responded to Delta Air Lines' criticism of Windows and CrowdStrike after the giant IT outage last month. Delta CEO Ed Bastian wants compensation from both CrowdStrike and Microsoft for the estimated $500 million Delta lost due to the outage. Now, Microsoft says Delta refused its free help on multiple occasions and even ignored an email from CEO Satya Nadella to Bastian.

"Microsoft empathizes with Delta and its customers regarding the impact of the CrowdStrike incident. But your letter and Delta's public comments are incomplete, false, misleading, and damaging to Microsoft and its reputation," says Mark Cheffo, co-chair of Dech …

Read the full story at The Verge.

CrowdStrike says it’s not to blame for Delta’s days-long outage

2024-08-05T05:52:16-04:00

CrowdStrike refutes Delta Air Lines' allegations that the cybersecurity firm is to blame for a dayslong flight disruption following last month's catastrophic system outage, saying that the airline rejected repeated offers to help restore impacted systems.

In an interview with CNBC last week, Delta CEO Ed Bastian said the outage cost the company $500 million after more than 6,000 flights were grounded, and that the airline has "no choice" but to seek legal compensation from CrowdStrike and Microsoft.

While the CrowdStrike issues impacted millions of Windows machines across multiple industries globally, Delta struggled to bring systems bac …

Read the full story at The Verge.

MrBeast blames terrible Beast Games conditions on the CrowdStrike outage

2024-08-02T19:12:26-04:00

The CrowdStrike global IT outage that downed some 8.5 million Windows PCs, halting flights and affecting hospitals, banks and more, is now apparently also a scapegoat for the terrible conditions at the set of a reality game show competition put on by mega-popular YouTuber MrBeast, aka Jimmy Donaldson, with $5 million on the line.

The New York Times is reporting that after 2,000 contestants arrived at Allegiant Stadium this July, they were barely fed and didn't receive their prescription medication or clean underwear on time - despite providing it to the organizers themselves. (The 1,000 contestants who make it through can return for the Bea …

Read the full story at The Verge.

Delta CEO: ‘When was the last time you heard of a big outage at Apple?’

2024-08-01T15:14:18-04:00

In an interview with CNBC, Delta Air Lines CEO Ed Bastian said the July 19th outage caused by a CrowdStrike update cost his company half a billion dollars in five days. Delta canceled more than 5,000 flights that weekend and had blue error screens still visible at airports days after the initial crash. Among the costs Bastian said Delta incurred were more than 40,000 servers that "we had to physically touch and reset" as well as compensation payments to travelers left in the lurch.

Asked about a continuing relationship with Microsoft after the crash, Bastian said he regards it as "probably the most fragile platform" and asked the question, …

Read the full story at The Verge.

Microsoft calls for Windows changes and resilience after CrowdStrike outage

2024-07-26T06:27:38-04:00

Microsoft is still helping CrowdStrike clean up the mess that kicked off a week ago when 8.5 million PCs went offline due to a buggy CrowdStrike update. Now, the software giant is calling for changes to Windows and has dropped some subtle hints that it's prioritizing making Windows more resilient and is willing to prevent security vendors like CrowdStrike from accessing the Windows kernel.

While CrowdStrike has blamed a bug in its testing software for its botched update, its software runs at the kernel level - the core part of an operating system that has unrestricted access to system memory and hardware. This means that if something goes w …

Read the full story at The Verge.

How Microsoft helped clean up CrowdStrike’s mess

2024-07-25T12:00:00-04:00

As CrowdStrike scrambled to respond to an influx of crash reports early Friday morning, engineers inside Microsoft also noticed that something was majorly wrong. Millions of Windows machines were being sent into a perpetual Blue Screen of Death, taking down important servers and PCs around the world.

Microsoft quickly declared the incident a "severity zero," or what's known internally as sev0, according to sources familiar with the situation. This is the highest, most urgent level of an incident impacting Microsoft products or services. A sev0 incident is rare at Microsoft, and it means people get woken up in the middle of the night and on- …

Read the full story at The Verge.