CrowdStrike CEO Kurtz: 97 Percent Of Windows Sensors ‘Back Online’ After Outage

‘This progress is thanks to the tireless efforts of our customers, partners, and the dedication of our team at CrowdStrike,’ CEO George Kurtz says in a LinkedIn post Thursday.

CrowdStrike CEO George Kurtz disclosed that more than 97 percent of Windows sensors have recovered as of Thursday, following the unprecedented IT outage caused by the company’s faulty configuration update just under a week ago.

The cybersecurity giant’s July 19 update led to the “blue screen of death” for Microsoft Windows systems worldwide and brought widespread disruptions to air travel, business and health care, which have continued into this week. The companies have said that 8.5 million Windows devices were impacted by CrowdStrike’s update.

The hardest-hit airline, Delta, which canceled thousands of flights following the outage, said Thursday that “operational reliability returned to normal Thursday morning.” The airline saw “zero canceled mainline and Delta Connection flights,” Delta said in an update.

On the whole, the recovery after the outage is nearly complete, according to Kurtz.

“I want to share that over 97% of Windows sensors are back online as of July 25,” Kurtz wrote in a LinkedIn post Thursday. “This progress is thanks to the tireless efforts of our customers, partners, and the dedication of our team at CrowdStrike.”

“However, we understand our work is not yet complete, and we remain committed to restoring every impacted system,” he wrote.

It was not immediately clear if the figure provided by Kurtz is meant to equate to 97 percent of affected Windows devices. CRN has reached out to CrowdStrike for comment.

Earlier this week, CrowdStrike disclosed that a bug in its validation process for security configuration updates resulted in the outage, which experts have called the biggest IT disruption of all time. One estimate suggested the outage will cost U.S. Fortune 500 companies $5.4 billion in total direct financial loss.

The Falcon update that led to the outage involved what’s known as “rapid response content,” which is used as part of thwarting future cyberattacks.

Recovery Continues For Some

In the post Thursday, Kurtz told customers that are still facing disruptions that “we will not rest until we achieve full recovery.”

“I am deeply sorry for the disruption this outage has caused and personally apologize to everyone impacted,” he wrote. “While I can’t promise perfection, I can promise a response that is focused, effective, and with a sense of urgency.”

CrowdStrike’s response efforts, he added, have been “enhanced thanks to the development of automatic recovery techniques and by mobilizing all our resources to support our customers.”

Kurtz also pointed to the company’s “Preliminary Post Incident Review,” which details the “measures we’re taking to prevent such incidents in the future.”

Going forward, CrowdStrike said that it plans to improve its testing for “rapid response content” deployments.

This will include staggering the deployments for rapid response content, improving monitoring for the performance of sensors and systems and, crucially, providing customers with “greater control over the delivery of Rapid Response Content,” the company said.

In the future, CrowdStrike said it plans to allow for “granular selection of when and where these updates are deployed.”