Faulty software update causes global havoc

Navigating a tech blackout
A widespread Windows failure brought down the computer systems of emergency services, banks, airports and more.
Yolanda Nel

Many Namibian business owners and individuals were affected during the global IT outage last Friday. The incident was traced back to a faulty update in Falcon Sensor, cybersecurity software developed by CrowdStrike and used by Microsoft Azure and Office 365 to protect their platforms and services.

According to Asad Abbas, software services manager at Green Enterprise Solution, the malfunctioning update affected at least 8.5 million devices globally, including in Namibia. The disruptions impacted individuals and organisational services such as Microsoft SharePoint Online, OneDrive and Exchange Online. CrowdStrike, the cybersecurity provider responsible for Falcon Sensor, is renowned for its solutions that protect Microsoft services and their endpoints.

“Despite the widespread impact, the incident was not classified as a cyberattack. Experts suggest the outage resulted from insufficient testing or human error during the software update process,” he explained.

Prevent future failures

In today's advanced technological landscape, such incidents raise questions about how these failures can still occur. Although Microsoft has not released an official statement regarding the exact cause, industry insiders speculate that the need for a rapid update to address a critical vulnerability might have reduced the testing time, leading to the issue.

“Microsoft typically employs a staged rollout for updates, first releasing them to a select group before a global deployment. However, in urgent cases, a global release might be expedited to mitigate security risks, potentially bypassing thorough testing procedures,” Abbas said.

The immediate impact of the outage included business disruptions and operational delays for customers.

“In the long term, repeated incidents could erode customer trust, attract regulatory scrutiny, and prompt a re-evaluation of release and testing strategies.”

According to Abbas, collaboration between vendors like Microsoft and CrowdStrike will be crucial in tightening protocols to prevent future occurrences.

While it is challenging to guarantee that such incidents will not happen again, strategies like enhanced testing protocols, staged rollouts, backups, disaster recovery plans, business continuity measures, and rollback points are essential.

“These measures can help minimise the risk and ensure a swift recovery if issues arise.”

Abbas suggested managing update schedules proactively. “Turning off auto updates and opting for monthly or biannual update channels can provide a buffer. Implementing a testing environment to validate updates before full deployment can further safeguard against similar disruptions in the future.”