
Root cause of Microsoft IT outage, not a cyberattack

KUALA LUMPUR: The Microsoft IT outage today, which has caused a major catastrophe to businesses worldwide, especially to airlines and banks, is not a cyberattack.

The outage has caused millions of Windows users worldwide to experience the Blue Screen of Death (BSOD) error, resulting in sudden shutdowns or restarts, bringing down services rendered to customers.

While almost all fingers are pointing at Microsoft for this outage and havoc, the Windows maker said in a statement that it has traced the root of the issue to a recent update from CrowdStrike.

CrowdStrike is a cybersecurity software firm that provides advanced protection to users and businesses, including Microsoft.

Its chief executive officer, George Kurtz, on X, confirmed the issue was caused by a botched update, but said it is not a cyberattack.

"CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts," he said.

However, Mac and Linux hosts are not impacted.

The company said its 'Falcon Sensor' software update is causing Windows to crash and display the BSOD, causing major disruptions for users of Microsoft software, especially Microsoft 365 and Azure.

While both Microsoft and CrowdStrike said they are mitigating the problems, Malaysian authorities are monitoring the situation closely.

Microsoft has provided a link for customers to refer to for the recovery process and backup.

Malaysia is also affected by this outage, as passengers at Kuala Lumpur International Airport Terminal 2 (KLIA2) have been forced to check in for their flights manually following the outage.

Digital Minister Gobind Singh Deo, in his X posting, said the authorities are closely monitoring the global IT outage that happened today.

Meanwhile, Kaspersky head of Threat Research, Alexander Liskin, citing media reports, said the number of affected companies, and the devices they use, may exceed hundreds and thousands.

"At this stage, it is difficult to estimate how long it will take to fix the issue, since the difficulty lies in the fact that when such a problem occurs, each device (computer, laptop or server) must be rebooted into safe mode manually," he said.

"This cannot be done using management tools. This is indeed a very serious problem that has affected numerous processes, including those in critical infrastructure," he added.

Meanwhile, LGMS Bhd executive chairman, CF Fong, advised companies not to put "all eggs in one basket" and diversify their protective solutions.

"Perform proactive business continuity exercises like cyber drills, simulate system under attacks and outages. Also, always be prepared; disasters, whether intentional or unintentional, can be destructive to businesses," he said.
