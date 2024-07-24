Microsoft cloud users across the globe should review the state of their infrastructure security setups in the wake of the botched CrowdStrike software update that took millions of Windows devices across the world offline on Friday 19 July 2024.

As stated in a blog post, authored by Microsoft’s vice-president of enterprise and operating system security, David Weston, on 20 July 2024, “this was not a Microsoft incident” but one that “impacts our ecosystem” and had disrupted the businesses and “the daily routines of many individuals”.

According to Microsoft’s calculations, around 8.5 million Windows devices, which equates to less than 1% of the global total of Windows machines in use, were affected by the incident.

And while that percentage might seem small in the grand scheme of things, Owen Sayers – an independent security consultant with more than 20 years’ experience advising public sector and policing clients on how to secure their systems – said the numbers involved are “terrifying” when coupled with information gleaned from CrowdStrike’s own incident reporting blog.

As confirmed by its “Technical details: Falcon content update for Windows hosts” blog, the corrupt software update that caused the Friday 19 July outage was only online for 78 minutes before it was taken down and replaced with a fixed version. “It affected less than 1% of global Windows devices in that time – that’s impressive,” said Sayers, but it also has worrying implications for the state of our global IT systems.

Knowing that a bug in a third-party security product could wreak so much havoc in such a short amount of time could give nation-state hackers some food for thought on how to wage their next wave of attacks.

“The Chinese and Russians now know how to bring down global IT systems – just find a security product used by your target, and modify that code,” said Sayers. “And there is a damn good chance it’ll wipe them out within an hour and a half.”