CrowdStrike Explains What Happened



CrowdStrike put up a blog post that gives some information about what happened recently. Here is part of that blog post:

On July 19, 2024, at 04:09 UTC, as part of ongoing operations, CrowdStrike released a sensor configuration update to Windows systems. Sensor configuration updates are an ongoing part of the protection mechanisms of the Falcon platform. This configuration update triggers a logic error resulting in a system crash and blue screen (BSOD) on impacted systems.

The sensor configuration update that caused the system crash was remediated on Friday, July 19, 2024 05:27 UTC.

This issue is not the result of or related to a cyberattack.

Impact: Customers running Falcon sensor for Windows version 7.11 and above, that were online between Friday, July 19, 2024 04:09 UTC and Friday, July 19, 2024 05:27 UTC, may be impacted.

Systems running Falcon sensor for Windows 7.11 and above that downloaded the updated configuration from 04:09 UTC to 05:27 UTC were susceptible to a system crash.

Root Cause Analysis: We understand how this issue occurred and we are doing a thorough root cause analysis to determine how this logic flaw occurred. This effort will be ongoing. We are committed to identifying any foundational workflow improvements that we can make to strengthen our process. We will update our findings in the root cause analysis as the investigation progresses.

In addition, CrowdStrike wrote: Systems running on Linux or macOS do not use Channel File 291 and were not impacted.
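The impact criteria above (Windows only, sensor 7.11 or later, online at some point between 04:09 and 05:27 UTC on July 19) are exactly what an administrator would query an asset inventory for on the morning of the outage. The script below is an added example, not CrowdStrike's code or anything from the blog post: it applies those criteria to a constructed inventory whose format, host names, sensor version strings and online sessions are all hypothetical. A host it flags is a candidate for a manual check, not a confirmed crash, since being online in the window does not prove the sensor actually pulled the bad file.

```python
"""Flag hosts that meet the impact criteria stated in CrowdStrike's post.

Criteria from the post: Windows hosts running Falcon sensor 7.11 or later
that were online at any point between 04:09 and 05:27 UTC on 2024-07-19.
Linux and macOS hosts were not impacted. Everything else here (the inventory
layout, host names, versions, session times) is constructed for illustration.
"""
from datetime import datetime, timezone

WINDOW_START = datetime(2024, 7, 19, 4, 9, tzinfo=timezone.utc)
WINDOW_END = datetime(2024, 7, 19, 5, 27, tzinfo=timezone.utc)
MIN_SENSOR_VERSION = (7, 11)


def parse_version(version: str) -> tuple:
    """'7.11.18110' -> (7, 11, 18110). Compare numerically: as plain strings
    '7.9' sorts after '7.11' and would be wrongly treated as the newer build."""
    return tuple(int(part) for part in version.split("."))


def overlaps_window(online_from: datetime, online_to: datetime) -> bool:
    """True if the host's online session touches the impact window at all.
    Bounds are inclusive, matching the post's 'between ... and ...' wording."""
    return online_from <= WINDOW_END and online_to >= WINDOW_START


def possibly_impacted(host: dict) -> bool:
    """Apply the three stated criteria: OS, sensor version, online window."""
    if host["os"] != "Windows":
        return False
    if parse_version(host["sensor_version"])[:2] < MIN_SENSOR_VERSION:
        return False
    return overlaps_window(host["online_from"], host["online_to"])


def utc(hour: int, minute: int) -> datetime:
    """Helper for constructed sample data: a 2024-07-19 timestamp in UTC."""
    return datetime(2024, 7, 19, hour, minute, tzinfo=timezone.utc)


# Constructed inventory: hypothetical host names, versions and sessions.
INVENTORY = [
    {"host": "win-01", "os": "Windows", "sensor_version": "7.11.18110",
     "online_from": utc(3, 0), "online_to": utc(6, 0)},    # online through the window
    {"host": "win-02", "os": "Windows", "sensor_version": "7.9.17400",
     "online_from": utc(3, 0), "online_to": utc(6, 0)},    # sensor older than 7.11
    {"host": "win-03", "os": "Windows", "sensor_version": "7.15.18513",
     "online_from": utc(1, 0), "online_to": utc(3, 50)},   # went offline before 04:09
    {"host": "win-04", "os": "Windows", "sensor_version": "7.16.18604",
     "online_from": utc(5, 27), "online_to": utc(9, 0)},   # came online at the last minute
    {"host": "mac-01", "os": "macOS", "sensor_version": "7.15.18500",
     "online_from": utc(3, 0), "online_to": utc(6, 0)},    # not Windows, not impacted
]


def triage(inventory: list) -> list:
    """Sorted names of the hosts that need a manual check."""
    return sorted(h["host"] for h in inventory if possibly_impacted(h))


if __name__ == "__main__":
    for name in triage(INVENTORY):
        print(name)
```

Two details matter in practice: version strings must be compared numerically (a string sort puts 7.9 after 7.11), and "online during the window" is an interval overlap, so a host that checked in at 05:27 exactly or that was online for only part of the window still counts. Feed the function whatever your own inventory or sensor telemetry exports in place of the constructed list.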

CNBC reported: Security experts said CrowdStrike’s routine update of its widely used cybersecurity software, which caused clients’ computer systems to crash globally on Friday, apparently did not undergo adequate quality checks before it was deployed.

The latest version of its Falcon Sensor software was meant to make CrowdStrike’s clients’ systems more secure against hacking by updating the threats it defends against. But faulty code in the update files resulted in one of the most widespread tech outages in recent years for companies like Microsoft’s Windows operating system.

Global banks, airlines, hospitals and government offices were disrupted. CrowdStrike released information to fix affected systems, but experts said getting them back online would take time as it required manually weeding out the flawed code.

The Guardian reported that scammers are attempting to use the global CrowdStrike outage on Microsoft Windows systems to steal from small businesses by offering fake fixes, the Australian government has warned.

The Australian Cyber Security Centre warned on Saturday that a number of malicious websites and “unofficial code” were being released, claiming to help businesses recover from the outage. The centre said it “strongly encourages all consumers to source their technical information and updates from official CrowdStrike sources only.”

In my opinion, I think someone really messed up the code that caused many computers to experience a BSOD. Fortunately for me, my computer runs macOS.