The recent disruption experienced by stores, the UK’s Sky News, and some airports was caused by issues with Microsoft’s software, specifically a badly formatted driver, and not a cyberattack. Cybersecurity expert Kevin Beaumont revealed this information and advised that users should monitor updates until a resolution is found, as industry figures weigh in with comments.

This incident highlights the importance of thorough research and vetting of cybersecurity solutions by businesses before implementation, emphasizing the need for reliable and resilient tools. The use of agents for installation and maintenance of software on multiple different OSes adds layers of complexity and potential points of failure.

Additionally, the incident underscores why businesses should prioritize agentless solutions like MFA 2.0 to ensure more resilient defenses and reduce the risk of widespread failures. Given the nature of the update, individual users from every affected organization will need to boot into safe mode, remove the issue file/driver, and then roll back or update to a new version, which may be a challenging task for CrowdStrike.

This incident also brings to light the vulnerability of relying on a single supplier on such a vast scale and emphasizes the importance of having a backup plan. While it’s best practice for vendors to pressure test any updates before rollout, this can be difficult for a supplier serving a large portion of the world.

There is currently no word on when the issue might be fully resolved, so it’s advisable to pause CrowdStrike updates in the meantime.