[German]Brief information: I have received today information that the vendor CrowdStrike with its Flacon security solution has been causing issues again – since around 11:00 a.m. (CET) today, August 22, 2024. The reader reported issues with both the single sign-on (SSO) and the hybrid join. There are also performance problems under Windows when the CrowdStrike Falcon solution is running with a cloud connection. Here is some information about what I have.
Advertising
A reader message
A German blog reader contacted me shortly after 12:00 noon (CET) in a personal message on Facebook (thanks for that) and noted: "We seem to be having problems with Crowdstrike again. We are noticing [performance] issues and SSO / hybrid join issues on many Windows clients. I had a quick look on downdetector.com, but didn't find anything about a major disruption. The provider is aware of the problems and is currently investigating, he said.
Another reader contacted me by e-mail (thank you) and wrote that he was affected in his environment with 8,000 users and 2,500 servers. He sent me the link to the reddit.com post Tech Alert | EU-1 | system performance degradation where similar information can be found.
CrowdStrike Falcon is a security software that runs on Linux and Windows and uses sensors to detect malware and cyberattacks.
Das schreibt CrowdStrike
CrowdStrike's status portal reported (1 p.m. CET) that everything is runing fine. At around 11:00 a.m. (CET) CrowdStrike is said to have informed customers of a problem by email.
Tech Alert | EU-1 | system performance degradation | 2024-08-22 Summary CrowdStrike is currently investigating an issues with a cloud service that sensor communicates with in a synchronous manner within the EU-1 Falcon Cloud. Details Sensor may generate more traffic to the cloud or can cause system performance issue as it will need more time to make decisions related to detections. Latest Updates 2024-08-22 08:50 AM UTC | Tech Alert Published
There must have been problems with the system performance since around 9:00 a.m. CET. The provider is currently investigating a problem with a cloud service with which the sensor communicates synchronously in the EU-1 Falcon Cloud. According to CrowdStrike, the sensor can generate more traffic to the cloud, which can lead to system performance issues as the sensor needs more time to make decisions regarding detections, they say. At around 11:00 a.m. German time (10:05 AM UTC), we received further information that the problem was being investigated.
One reader told me, that CrowdStrike phoned him to say that the problem had been fixed. At 1:42 p.m. CET, however, the second reader only continued to tell me that they were having massive performance issues. On reddit.com there is some talk of macOS being affected.
Advertising
Addendum: In the meantime, a spokesperson for CrowdStrike from the USA has contacted me by email and sent the following statement.
"CrowdStrike identified and resolved a cloud performance issue this morning that had caused system delays for a small segment of EU cloud customers. This is not related to the Channel File 291 incident, and all customers have remained protected throughout."
The CrowdStrike incident
The current hiccup immediately brings back memories of the so-called CrowdStrike incident. Weeks ago, a faulty sensor update paralyzed over 8 million Windows computers worldwide and led to millions of dollars in damage. The chronology of the incident, including an analysis of the causes, can be found in the articles linked below.
Similar articles:
Worldwide outage of Microsoft 365 (July 19, 2024)
Windows systems throw BSOD due to faulty CrowdStrike update
Why numerous IT systems around the world failed due to two errors on July 19, 2024
CrowdStrike analysis: Why an empty file led to BlueSceen
Review of the CrowdStrike incident, the biggest computer glitch of all time
CrowdStrike incident: sensor failure as a previously unknown side effect?
CrowdStrike: Investigation report; amount of damages and compensation; attribution of blame
Microsoft's analysis of the CrowdStrike incident and recommendations
CrowdStrike: New report, current status, lawsuits and more
Advertising