CrowdStrike and Microsoft: What we know about global IT outage (2024)

CrowdStrike and Microsoft: What we know about global IT outage (1)CrowdStrike and Microsoft: What we know about global IT outage (2)EPA

A massive tech failure has caused travel chaos around the world, with banking and healthcare services also badly hit.

Flights have been grounded because of the IT outage - a flaw which left many computers displaying blue error screens.

There were long queues, delays and flight cancellations at airports around the world, as passengers had to be manually checked in.

Cyber-security firm CrowdStrike has admitted that the problem was caused by an update to its antivirus software, which is designed to protect Microsoft Windows devices from malicious attacks.

Microsoft has said it is taking "mitigation action" to deal with "the lingering impact" of the outage.

Here is a summary of what we know so far.

What caused the outage?

This is still a little unclear.

CrowdStrike is known for producing antivirus software, intended to prevent hackers from causing this very type of disruption.

According to CrowdStrike boss George Kurtz, the issues are only impacting Windows PCs and no other operating systems, and were caused by a defect in a recent update.

"The issue has been identified, isolated and a fix has been deployed," he said.

"This is not a security incident or cyber-attack."

What exactly was wrong with the update is yet to be revealed, but as a potential fix involves deleting a single file, it is possible that just one rogue file could be at the root of all the mayhem.

When will it be fixed?

It could be some time.

CrowdStrike's Mr Kurtz, speaking to NBC News, said it was the firm's "mission" to make sure every one of its customers recovered completely from the outage.

"We're deeply sorry for the impact that we've caused to customers, to travellers, to anyone affected by this, including our companies," he said.

He has since told CNBC that while some systems can be fixed quickly, for others it "could be hours, could be a bit longer".

CrowdStrike has issued its fix. But according to those in the know, it will have to be applied separately to each and every device affected.

Computers will require a manual reboot in safe mode - causing a massive headache for IT departments everywhere.

What's the solution?

Something important to note here, is that personal devices like your home computer or mobile phone are unlikely to have been affected - this outage is impacting businesses.

Microsoft is advising clients to try a classic method to get things working - turning it off and on again - in some cases up to 15 times.

The tech giant said this has worked for some users of virtual machines – computers which are accessed remotely.

“Several reboots (as many as 15 have been reported) may be required, but overall feedback is that reboots are an effective troubleshooting step at this stage," it said.

It is also telling customers with more in-depth computing knowledge that they should delete a certain file - the same solution one CrowdStrike employee has been sharing on social media.

But this fix is intended for experts and IT professionals, not regular users.

Which airports have been affected?

The problems have emerged across the world, but were first noticed in Australia, and possibly felt most severely in the air travel industry, with more than 3,300 flights cancelled globally.

  • UK airports saw delays, with long queues at London's Stansted and Gatwick.
  • Ryanair said it had been "forced to cancel a small number of flights today (19 July)" and advised passengers to log-on to their Ryanair account, once it was back online, to see what their options are.
  • British Airways also cancelled several flights.
  • Several US airlines, notably United, Delta and American Airlines, grounded their flights around the globe for much of Friday. Australian carriers Virgin Australia and Jetstar also had to delay or cancel flights.
  • Airports in Tokyo, Amsterdam and Delhi were also impacted.

Meanwhile, the problems have also hit payment systems, banking and healthcare providers around the world.

Railway companies, including Britain’s biggest which runs Southern, Thameslink, Gatwick Express and Great Northern, warned passengers to expect delays.

In Alaska, the 911 emergency service was affected, while Sky News was off air for several hours on Friday morning, unable to broadcast.

How could it affect me?

The outage might also impact people getting paid on time.

Melanie Pizzey, head of the Global Payroll Association, told PA news agency that she'd been contacted by "numerous clients" who couldn't access their payroll software.

She said the outage could mean firms are unable to process staff payments this week, but there may be a knock-on effect too.

"We could see a backlog with regard to processing payrolls for the coming month end, which may delay employees from receiving their monthly wage," she said.

If you're worried about your own, personal devices, we have some good news.

The software at the centre of this outage is generally used by businesses, which means that most people's personal computers won't be impacted.

That means if you're wondering whether you need to delete a certain file to avoid your computer restarting constantly, the simple answer is no, you don't.

What is CrowdStrike?

It's a reminder of the complexity of our modern digital infrastructure that CrowdStrike, a company that's not exactly a household name, can be at the heart of such worldwide disarray.

The US firm, based in Austin, Texas, is a listed company on the US stock exchange, featuring in both the S&P 500 and the high-tech Nasdaq indexes.

Like a lot of modern technology companies, it hasn't been around that long. It was founded a mere 13 years ago, but has grown to employ nearly 8,500 people.

As a provider of cyber-security services, it tends to get called in to deal with the aftermath of hack attacks.

It has been involved in investigations of several high-profile cyber-attacks, such as when Sony Pictures had its computer system hacked in 2014.

But this time, because of a flawed update to its software, a firm that is normally part of the solution to IT problems has instead caused one.

In its last earnings report, CrowdStrike declared a total of nearly 24,000 customers. That's an indication not just of the size of the issue, but also the difficulties that could be involved in fixing it.

Each of those customers is a huge organisation in itself, so the number of individual computers affected is hard to estimate.

Additional reporting by Imran Rahman-Jones, Liv McMahon and Tiffany Wertheimer.

Cyber-security

CrowdStrike and Microsoft: What we know about global IT outage (2024)

FAQs

CrowdStrike and Microsoft: What we know about global IT outage? ›

A massive outage was caused by what was supposed to be a routine update from the cybersecurity company CrowdStrike. A routine software update caused cascading chaos Friday that has engulfed global businesses from airports and banks to retail and law enforcement.

What did the CrowdStrike outage affect? ›

A routine software update from the cybersecurity company CrowdStrike caused a global Microsoft outage this month that appeared to affect almost every major business sector, including airports, retail and banks.

What is the CrowdStrike issue? ›

A CrowdStrike update caused a massive IT outage, crashing millions of Windows systems. Critical services and business operations were disrupted, revealing tech reliance risks.

What happened with the Microsoft outage? ›

A Microsoft Azure outage on July 30 was triggered by a distributed denial of service cyberattack, the tech giant has confirmed. It comes after users started complaining they couldn't access several Microsoft services on Tuesday, including Microsoft 365 products such as Office and Outlook and Azure.

When was the Microsoft CrowdStrike outage? ›

The world just experienced a widespread technical outage linked to a company called CrowdStrike. What exactly happened on Friday, July 19, 2024? Cybersecurity firm CrowdStrike pushed out a routine software update that inadvertently crashed customers' Windows systems.

Why is CrowdStrike falling? ›

Shares of cybersecurity company CrowdStrike (CRWD -1.81%) continue to drop on Tuesday after its major software update problem of more than a week ago. The stock was already down more than 30% from recent highs, and investors might have thought that the worst was over once the problem had been corrected.

What are analysts saying about CrowdStrike? ›

Based on 37 Wall Street analysts offering 12 month price targets for CrowdStrike Holdings in the last 3 months. The average price target is $360.61 with a high forecast of $450.00 and a low forecast of $275.00. The average price target represents a 60.83% change from the last price of $224.22.

Does Microsoft use CrowdStrike? ›

Microsoft Confirms CrowdStrike's Analysis

Last week, CrowdStrike published is preliminary Post Incident Review, confirming that the issue was caused by a bug in the software it uses to test its regular content updates.

What time did the CrowdStrike outage start? ›

Outage. On 19 July at 04:09 UTC, CrowdStrike distributed a faulty configuration update for its Falcon sensor software running on Windows PCs and servers.

Will CrowdStrike recover? ›

The good news: Investors often have short memories

As concerning as this may be, the episode may not necessarily be crippling to CrowdStrike's business. The company can recover, and while it seems horrible right now and damaging to the brand, stocks can and often recover from bad press.

What caused Global IT outage? ›

The software update which caused Windows machines to crash, triggering the so-called Blue Screen Of Death (BSOD), was an updated threat sensor for CrowdStrike's cyber security software Falcon. The crashes were “due to a defect” in the software update “which went undetected during validation checks”, the company said.

What caused the global outage? ›

What we know about the global Microsoft outage. A massive outage was caused by what was supposed to be a routine update from the cybersecurity company CrowdStrike. A routine software update caused cascading chaos Friday that has engulfed global businesses from airports and banks to retail and law enforcement.

Who was responsible for the Microsoft outage? ›

The outage was caused by a faulty update from the cybersecurity provider, CrowdStrike, which caused Microsoft Windows machines to crash and get stuck in the infamous “blue screen of death” booting loop.

What caused the CrowdStrike issue? ›

“When received by the sensor and loaded into the Content Interpreter, problematic content in Channel File 291 resulted in an out-of-bounds memory read triggering an exception,” CrowdStrike writes. “This unexpected exception could not be gracefully handled, resulting in a Windows operating system crash (BSOD).”

Who is using CrowdStrike? ›

Customers of Crowdstrike
CustomersEmployee RangeCity
Amazon Web Services10,000+Seattle
Home Depot, Inc.10,000+Atlanta
OSI Group LLC10,000+Aurora
iQor10,000+St. Petersburg
6 more rows

What problems does CrowdStrike solve? ›

CrowdStrike is the leader in next-generation endpoint protection, threat intelligence and response services. CrowdStrike's core technology, the Falcon platform, stops breaches by preventing and responding to all types of attacks — both malware and malware-free.

How much did the CrowdStrike outage cost? ›

CrowdStrike outage will cost Fortune 500 companies $5.4 billion in damages.

Why is CrowdStrike important? ›

Powered by leading threat intelligence and advanced AI, our global experts work tirelessly to prevent breaches. CrowdStrike tracks over 230 adversaries, processes 200K new IOCs daily, and manages over 300 million total IOCs, giving defenders a significant advantage.

What is incident in CrowdStrike? ›

The CrowdStrike Incident Response (IR) team brings control, stability and organization to what can be a confusing and chaotic situation. Given the current threat landscape, most organizations will likely encounter a cyber incident, at some point that they will have to respond to and manage effectively.

Does CrowdStrike block malware? ›

For example, CrowdStrike is AV Comparatives approved, with a 99.2 percent malware block rate, and zero business false positives. In addition, the Falcon platform meets the compliance standards of PCI DSS Requirement No.

Top Articles
Latest Posts
Recommended Articles
Article information

Author: Errol Quitzon

Last Updated:

Views: 5808

Rating: 4.9 / 5 (59 voted)

Reviews: 90% of readers found this page helpful

Author information

Name: Errol Quitzon

Birthday: 1993-04-02

Address: 70604 Haley Lane, Port Weldonside, TN 99233-0942

Phone: +9665282866296

Job: Product Retail Agent

Hobby: Computer programming, Horseback riding, Hooping, Dance, Ice skating, Backpacking, Rafting

Introduction: My name is Errol Quitzon, I am a fair, cute, fancy, clean, attractive, sparkling, kind person who loves writing and wants to share my knowledge and understanding with you.