The cause of the unprecedented Microsoft IT outage that grounded flights and took TV stations offline globally may finally have been explained.
The widespread computer outage affected many of the world’s biggest companies, with issues being reported in many countries, including the US, UK, Australia, New Zealand and India.
Much of the world’s infrastructure is still not working, with affected Windows computers showing a blue screen.
There were initial concerns that this could be a cyber attack from either hostile states or criminals, but UK government officials, including the UK’s Ministry of Defence, have revealed that they are not aware of any hostile involvement and are not treating it as an attack.
Still, the problems are ongoing and while experts search frantically for solutions, the cause of the mass outage has remained a mystery.
Now, though, it looks like there are some possible answers as the cause becomes clearer.
The issue appears to stem from a faulty update to one of global cybersecurity company CrowdStrike’s products.
The firm has now rolled back the update but it doesn’t help computers that have already been affected.
The difficulty faced now is to delete the file from these computers in order to restore them.
On the issue, CrowdStrike said that it is “aware of reports of crashes on Windows... relating to the Falcon sensor,” which is software that monitors computers.
Speaking to the Independent, Toby Murray, who is an associate professor in the School of Computing and Information Systems at The University of Melbourne, Australia, revealed that it was a possibility that a “buggy” update could have been the cause of the outage.
He said: “CrowdStrike Falcon has been linked to this widespread outage. CrowdStrike is a global cyber security and threat intelligence company. Falcon is what is known as an Endpoint Detection and Response (EDR) platform, which monitors the computers that it is installed on to detect intrusions - hacks - and respond to them.
“That means that Falcon is a pretty privileged piece of software in that it is able to influence how the computers it is installed on behave.
“For example, if it detects that a computer is infected with malware that is causing the computer to communicate with an attacker, then Falcon could conceivably block that communication from occurring. If Falcon is suffering a malfunction then it could be causing a widespread outage for two reasons - one: Falcon is widely deployed on many computers, and two: because of Falcon’s privileged nature.
“Falcon is a bit like anti-virus software: it is regularly updated with information about the latest online threats (so it can better detect them). We have certainly seen anti-virus updates in the past causing problems. It is possible that today’s outage may have been caused by a buggy update to Falcon.”