The recent incident due to a faulty CrowdStrike update has taken the entire world by surprise, highlighting the weaknesses of some IT infrastructure models. According to the editor, a failure in the software testing procedure was at the origin of this incident, disrupting millions of Windows machines and bringing various sectors to a standstill.
Approximately 8.5 million devices were affected by the faulty update, resulting in over 1500 flight cancellations in the US alone. Hospitals, banks, pharmacies, supermarkets, and countless businesses have also been hit hard by this disruption, causing widespread chaos and financial losses.
What caused the problem?
CrowdStrike, a key cybersecurity partner of Microsoft, released an update with a defect in its “Falcon” cyber defence software, which caused the issue. The flaw affected all devices that booted between July 19, 2024, 04:09 UTC and 05:27 UTC, leading to the dreaded “Blue Screen of Death” (BSOD).
Steps taken to resolve the issue
Just 78 minutes after the problem surfaced, CrowdStrike provided a procedure to enter into the system in safe mode and delete the faulty file. However, since each affected device had to be manually fixed, the process took a precious time, sometimes several days for the largest organizations. The scale and complexity of this manual intervention highlighted the need for more efficient and centrally-manageable solutions in handling such widespread issues.
How VDI would have helped recover quickly from the impact
Virtual Desktop Infrastructure (VDI) offers a centrally managed and more resilient environment in such scenarios. With VDI, users’ desktops are centralized and hosted in a datacenter, enabling quick backup and recovery. The centralized management that comes with VDI allows a single administrator to resolve issues without physically touching each device. Instead of manually fixing individual PCs, the master (or “golden”) image on the server can be corrected for greater reactiveness, saving significant time and effort.
Some organizations were still struggling with unresolved issues days after the update, especially in the flight sector, leading to ongoing flight cancellations and operational disruptions. VDI could have helped saving a precious amount of time, allowing to resolve the issue within a few minutes, and preventing such prolonged chaos.
Additionally, VDI allows for fully managed updates, eliminating the risk of automatic updates causing widespread failures. Only a week after the incident, CrowdStrike announced that 97% of Windows sensors were back online. This delay could have been reduced to a great extent with the more granular level of management that VDI allows.
Secure endpoints for VDI
For optimal security, it is strongly recommended to use one EDR/XDR such as CrowdStrike on VDI, and another one on endpoints. Ideally, endpoints should have a minimal local configuration for better security, and only be used to access virtual desktops or applications.
Our thin clients running the ZeeOS operating system are secure by design, do not store or process data locally, minimize the need for frequent updates, and help ensure continuous data availability. Updates are fully managed, ensuring that endpoints remain operational without requiring constant maintenance. This level of security and efficiency is why our endpoints can be a better option for accessing virtual desktops.
Conclusion
The recent CrowdStrike update incident has exposed the fragility of an infrastructure depending on PCs. Such issues can arise anytime, but VDI with secure endpoints can help mitigate these risks and resume operations swiftly. The financial loss from this outage has been estimated at $5.4 billion, underscoring the need for a more reactive IT infrastructure.
If you are using VDI, our ZeeOS operating system on your endpoints could be an interesting option to experience the benefits of secure endpoints.
ZeeOS is a read-only operating system that can be used to convert any PC into a secure new-gen thin client. Convert your PCs into thin clients today for free with ZeeOS.
If you don’t have VDI yet, we can guide you in selecting the most adapted option according to your needs.