CrowdStrike shares review of error that crashed Windows PCs: Here's how the worst global IT outage happened

CrowdStrike, the company behind the global IT outage on July 19, responded with a brief statement in its review of the error. While previously it vaguely mentioned an update as the probable reason for the crash, it has now shared a detailed statement with reasons for the error. It blamed the “problematic content” in a channel file, which resulted in the system crash of millions of Windows PCs. Let’s look at the exact error that caused systems to crash resulting in one of the worst IT outages of all time.

What exactly caused the IT outage?

CrowdStrike is a cybersecurity firm that offers its services to protect against cyberattacks and breaches. It works with several top firms and one of them is Microsoft. That said, it’s responsible for catching issues and reporting or disabling them, but an unfortunate incident happened on July 19, 2024, which made Microsoft’s Windows PCs crash with a Blue Screen of Death (BSOD) error. The company has shared a details statement on what exactly happened and how the fiasco occurred.

CrowdStrike revealed in a statement that on July 19, 2024, two additional IPC Template Instances were deployed in the file that was meant to catch issues before software updates are updated to customers. One of the Template Instances contained problematic content data, and despite that, it passed validation. When the sensor received it and it was loaded into the Content Interpreter, problematic content in Channel File 291 resulted in an out-of-bounds memory read triggering an exception. This unprecedented exception caused the Windows operating system to crash with a BSOD error.

Due to the Windows crash, the entire IT industry which relied on mostly Windows PCs, was unable to access their work, resulting in a major outage. Initially, the system crash was detected in select regions and then spread worldwide.

CrowdStrike assures that its systems are operating normally

Fortunately, CrowdStrike was quick to recommend users remove Channel File 291 from their systems to stop BSOD errors. We shared the same in one of our stories. It actively worked on the same for several hours to fix it. The company, however, has assured that CrowdStrike is now operating normally and the previous does not affect the Falcom platform systems.

“We assure our customers that CrowdStrike is operating normally and this issue does not affect our Falcom platform systems. If your systems are operating normally, there is no impact on their protection if the Falcon Sensor is installed. Falcon Complete and OverWatch services are not disrupted by this incident,” noted CrowdStrike.