ISI Insights

Microsoft & CrowdStrike Widespread Outages

Written by Scott Siker | Jul 19, 2024 11:16:22 AM


What Happened:
An Azure configuration change caused a major Microsoft 365 outage in the Central US region, impacting a variety of Microsoft tools. Separately, a faulty component in the latest CrowdStrike Falcon update has led to widespread system crashes on Windows devices, affecting global organizations and causing significant disruptions.

Risk Impact level to IsI MSP Customers: Currently, IsI MSP customers do not appear to be impacted at this time from either widespread outage.

  • If you are on a full IT support contract that includes IsI sponsored and supported assets, CrowdStrike is not part of that security services stack.
  • There is no reported evidence to support that either of these outages were caused by a Cybersecurity related event.
  • If you have questions regarding either of these reported service provider outages, please contact IsI and we would be happy to field any concerns.

For those already affected, CrowdStrike provides the following workaround:

  1. Boot Windows into Safe Mode or the Windows Recovery Environment.
  2. Navigate to the C:\Windows\System32\drivers\CrowdStrike directory
  3. Locate the file matching “C-00000291*.sys” and delete it.
  4. Boot the host normally.

Major Microsoft 365 outage caused by Azure configuration change

Microsoft says an Azure configuration change caused a major Microsoft 365 outage on Thursday, affecting customers across the Central US region.The list of services impacted by the outage includes Microsoft Defender, Intune, Teams, PowerBI, Fabric, OneNote, OneDrive for Business, SharePoint Online, Windows 365, Viva Engage, Microsoft Purview, and the Microsoft 365 Admin Center. The outage was caused by an access control list configuration change to a server cluster hosting these key 365 services. Currently, there is no evidence to suggest IsI customers have been impacted at this time.

CrowdStrike update crashes Windows systems, causes outages worldwide

A faulty component in the latest CrowdStrike Falcon update has caused widespread system crashes on Windows devices since early this morning, disrupting operations at numerous global organizations including airports, TV stations, and hospitals. The glitch has impacted both Windows workstations and servers, causing widespread outages that have crippled entire companies and knocked offline hundreds of thousands of computers. CrowdStrike is currently working on resolving the issue. The company revealed that the culprit is a Channel File, which contains data for the sensor (e.g. Instructions). Since it is just a component of the update for the sensor, this type of file can be addressed individually without removing the Falcon Sensor update.

IsI will continue to monitor this situation as it develops. Should you have any questions, please do not hesitate to contact us at support@dodsecurity.com.
View full post