In this article:
Background
CrowdStrike's cybersecurity software–used by numerous Fortune 500 companies, including major banks, healthcare, and energy companies–detects and blocks hacking threats. The software requires deep-level access to a computer's operating system to scan for those threats. In this case, computers running Microsoft Windows appear to be crashing because of the faulty way a software code update issued by CrowdStrike is interacting with the Windows system.
From what we can tell at this time, this seems to be a technology failure, not a cybersecurity breach. This problem specifically impacts machines running Windows operating systems. Those operating on Linux and MacOS remain unaffected.
How is SecurityScorecard helping?
We created a Portfolio in your account titled “CrowdStrike Incident July 19, 2024.” This Portfolio is populated with all your followed companies that we believe could be affected by this incident. (This isn't available for customers using the Free Plan.)
This Portfolio was created using Automatic Vendor Detection, which provides a Software Bill of Materials, or SBOM, for each company in your 3rd-, 4th-, and Nth-party ecosystem. Automatic Vendor Detection can identify organizations in your Portfolio that use CrowdStrike and Microsoft products.
Current resolution
CrowdStrike has identified a temporary fix, which involves booting affected machines into safe mode and either removing or renaming a specific file. Further details on this fix can be found directly through CrowdStrike support channels.