CrowdStrike CEO George Kurtz says a global tech outage affecting various businesses was caused by a "defect" in a "single content update" for Windows hosts.
"This is not a security incident or cyberattack," Mr Kurtz wrote in a post on X.
"The issue has been identified, isolated and a fix has been deployed."
Apple and Linux hosts were not impacted by the update, he said.
CrowdStrike has identified and resolved a defect in a recent content update affecting Windows hosts. The company assured that Mac and Linux hosts are unaffected by the issue.
Here's the full statement from George Kurtz, the CEO of Crowdstrike:
"Crowdstrike is actively working with customers impacted by a defect found in a single content update for Windows hosts.
"Mac and Linux hosts are not impacted. This is not a security incident or cyberattack.
"The issue has been identified, isolated and a fix has been deployed.
"We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website.
"We further recommend organisations ensure they’re communicating with Crowdstrike representatives through official channels.
"Our team is fully mobilised to ensure the security and stability of Crowdstrike customers."
What is Crowdstrike
Crowdstrike is a cybersecurity company founded in 2011 with the aim of safeguarding the world’s biggest companies and hardware from cyber threats and vulnerabilities.
It specialises in endpoint security protection and tries to prevent malicious software or files from hitting corporate networks from devices that connect to them, such as phones and laptops.
It also aims to protect the data of companies which have shifted from guarding it under their own roof, or on their own servers, to so-called cloud providers.
The Texas-based firm was co-founded by entrepreneurs George Kurtz, who remains chief executive, and Dmitri Alperovitch. It listed its shares publicly on the tech heavy Nasdaq stock exchange in 2019.
Since it first launched, the company has seemingly played a key role in helping firms investigate cyber-attacks.
In 2016 Crowdstrike was called in by the US Democratic National Committee, the strategy arm of the Democrat Party, to investigate a breach into its computer network.
Microsoft and Third-Party Software:
Microsoft has attributed the problem to a third-party software platform update, stating that a resolution is expected soon. The issue has also been cited by American Airlines and the Swiss cybersecurity office as impacting their operations.
Crowdstrike has lost a fifth of its value in pre-market trading in the US - down 21% in unofficial trading.
If confirmed when US stock markets open later today, that is a loss of $16 billion in its overnight valuation.
Industry insiders say the problem is centred on the fact that cloud security companies have very high level privileges to update the core systems of their customers.
When this works, it helps protect their systems. When an attempted update fails, it brings down the systems they are supposed to protect, all at once.
While the fix is in theory, simple - updating systems physically from backup disks - in practice this is now more difficult in a cloud computing world.
Governments face serious questions about how resilient our economic infrastructure is to this sort of epic failure.
"This is not a security incident or cyberattack," Mr Kurtz wrote in a post on X.
"The issue has been identified, isolated and a fix has been deployed."
Apple and Linux hosts were not impacted by the update, he said.
CrowdStrike has identified and resolved a defect in a recent content update affecting Windows hosts. The company assured that Mac and Linux hosts are unaffected by the issue.
Here's the full statement from George Kurtz, the CEO of Crowdstrike:
"Crowdstrike is actively working with customers impacted by a defect found in a single content update for Windows hosts.
"Mac and Linux hosts are not impacted. This is not a security incident or cyberattack.
"The issue has been identified, isolated and a fix has been deployed.
"We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website.
"We further recommend organisations ensure they’re communicating with Crowdstrike representatives through official channels.
"Our team is fully mobilised to ensure the security and stability of Crowdstrike customers."
What is Crowdstrike
Crowdstrike is a cybersecurity company founded in 2011 with the aim of safeguarding the world’s biggest companies and hardware from cyber threats and vulnerabilities.
It specialises in endpoint security protection and tries to prevent malicious software or files from hitting corporate networks from devices that connect to them, such as phones and laptops.
It also aims to protect the data of companies which have shifted from guarding it under their own roof, or on their own servers, to so-called cloud providers.
The Texas-based firm was co-founded by entrepreneurs George Kurtz, who remains chief executive, and Dmitri Alperovitch. It listed its shares publicly on the tech heavy Nasdaq stock exchange in 2019.
Since it first launched, the company has seemingly played a key role in helping firms investigate cyber-attacks.
In 2016 Crowdstrike was called in by the US Democratic National Committee, the strategy arm of the Democrat Party, to investigate a breach into its computer network.
Microsoft and Third-Party Software:
Microsoft has attributed the problem to a third-party software platform update, stating that a resolution is expected soon. The issue has also been cited by American Airlines and the Swiss cybersecurity office as impacting their operations.
Crowdstrike has lost a fifth of its value in pre-market trading in the US - down 21% in unofficial trading.
If confirmed when US stock markets open later today, that is a loss of $16 billion in its overnight valuation.
Industry insiders say the problem is centred on the fact that cloud security companies have very high level privileges to update the core systems of their customers.
When this works, it helps protect their systems. When an attempted update fails, it brings down the systems they are supposed to protect, all at once.
While the fix is in theory, simple - updating systems physically from backup disks - in practice this is now more difficult in a cloud computing world.
Governments face serious questions about how resilient our economic infrastructure is to this sort of epic failure.
