Microsoft, CrowdStrike outage disrupts travel and business worldwide (2024)

A defective update to an obscure piece of security software knocked out computer systems around the globe Friday, causing widespread disruptions to travel, medical care and businesses of all stripes while revealing in stunning fashion the fragility of a world economy built on shared technology.

Airline passengers were stranded at airports as thousands of flights were canceled. Hospitals closed their doors to patients expecting routine appointments. Shoppers encountered self-checkout terminals showing the notorious Blue Screen of Death that pops up when Windows fails. Even the organizers of the upcoming Paris Olympics reported impacts to the delivery of uniforms.

The problem traced to an update issued for Windows computers by security firm CrowdStrike, the company said in a blog post. The company said at 6 a.m. Friday the problem had been identified and fixed, but by that point the effects had rippled around the world.

Advertisem*nt

The effects of the outage were a reminder of how the global economy is dependent on computer systems that are vulnerable to everything from attacks by sophisticated hackers to bungled software updates. But while the problems were widespread, there was an element of randomness at play, too, depending on which companies in any given industry made use of the defective system.

CrowdStrike chief executive George Kurtz said he was “deeply sorry” to anyone affected by the global outage during an appearance Friday on NBC’s “Today” show and vowed to “make sure every customer is fully recovered.”

Many CrowdStrike systems are recovering and will soon be operational, Kurtz said, but “it could take some time for some systems that won’t automatically recover.”

The company’s problems follow a string of computer security incidents and service outages in recent years that have disrupted online services. Bruce Schneier, a security technologist who teaches at the Harvard Kennedy School, said the latest problem shows how brittle parts of the online world have become as companies have chased efficiency while sacrificing resiliency.

Advertisem*nt

“This is one of hundreds of companies you’ve never heard of that are essential to the functioning internet,” Schneier said. He compared the situation to a house built in such a way that nailing a picture to the wall puts it at risk of collapsing.

CrowdStrike’s software is widely used around the world by businesses seeking to defend themselves from hackers. The problems Friday affected only computers running Microsoft’s Windows operating system, CrowdStrike said, leaving Apple computers and those using Linux unaffected.

While Windows is the operating system for hundreds of millions of personal PCs, it also runs on the computers behind the scenes that are vital to the operation of airlines, digital payment systems, emergency services call centers and other organizations.

Microsoft chief executive Satya Nadella said in a post on X that his company was working with CrowdStrike and Windows users “to provide customers technical guidance and support to safely bring their systems back online.”

Advertisem*nt

CrowdStrike said in the blog post that the faulty file implicated in the more widespread outages had a timestamp equivalent to 12:09 a.m. Eastern time Friday. An unrelated Microsoft outage Thursday also caused problems.

Some of the most visible early effects of the outage were at airlines. Budget U.S. carriers Frontier and Sun Country disclosed in the early hours of Friday that they were experiencing disruptions, and the problems spread to major airlines and affected airlines overseas.

By 6:30 p.m. more than 4,400 flights had been canceled worldwide. Of that, more than 2,700 were flights operating into, within or out of the United States, according to FlightAware.com, an online flight-tracking website. More than 40,000 flights were delayed worldwide, with delays affecting more than 10,000 flights originating or ending in the United States.

Advertisem*nt

United Airlines said the outage impacted several key systems: those used for checking in customers, calculating aircraft weight and operating call centers.

In the United States alone the impacts were similar to what might be expected during a major snowstorm. And even as airlines reported getting operations back up and running Friday morning, problems in the aviation system can take hours to fully resolve as crews and aircraft are left in the wrong cities.

John Cox and his wife found themselves spending more than a day at Reagan National Airport as they tried to get a flight home to North Carolina.

A technical issue Thursday evening prompted major airlines including Delta to delay service and reroute passengers. Then their 10:17 a.m. Friday flight to Charlotte was pushed to Saturday at noon. “It completely derailed our plans,” Cox said, slumped on a seat by the entrance of the airport.

Advertisem*nt

“We’re going to end up spending a lot more money hanging around in D.C. than if we were back at home,” Cox said, before reclining in his seat and sighing. “There should be some compensation for the immense inconvenience that so many people are enduring.”

By Friday morning it had become clear that the effects were reaching a large number of industries and affecting government agencies.

The effects on medical providers stretched from the United States to Israel, with doctors losing access to electronic medical records and some hospitals postponing elective procedures.

Mass General Brigham, a nonprofit that operates one of the largest hospital systems in Massachusetts, said on its website that it was canceling all “non-urgent visits” at its hospitals and clinics Friday. The organization said its emergency departments remained open and were providing care for urgent appointments and procedures.

Advertisem*nt

Alison Baulos said her father, Gary Baulos, was scheduled to have heart surgery Friday at Baptist Health Hospital in Paducah, Ky., but got a call at 3:30 a.m. that the procedure was canceled due to the outage.

Her father, a 73-year-old former Navy Seabee and AT&T technician, had just been diagnosed with eight blockages and an aneurysm, she said, and had spent Thursday night at a hotel close to the hospital.

“The doctor said he can’t be too active, he can’t raise his hands above his head,” Alison Baulos said. She said her father is taking it in stride. His reaction to the cancellation, she said, was, “all right, since we’re already out here I guess we can go to IHOP for breakfast.”

Danielle Carzell, a 35-year-old Atlanta resident, was scheduled to have her hip replaced Friday, a procedure she’s eagerly anticipated for months. Born with a genetic condition — her hips are “like mismatched puzzle pieces,” she said — she’s in constant pain and hoped the surgery would relieve it. But after waiting for hours at Emory St. Joseph’s Hospital, she was told the procedure would have to be rescheduled due to the outage.

Advertisem*nt

“I have no idea when I’m going to be able to get my surgery now,” she said. “I have a 5-year-old that I just want to play with, and this outage is just ruining everything.”

Even in a sector that has suffered debilitating blows this year — notably the hacks of claims processor Change Healthcare and health system Ascension — experts were surprised by the scale of the impacts Friday.

“I was stunned to see this kind of ripple effect,” said Chris Cummiskey, a cybersecurity expert and former Department of Homeland Security official. While CrowdStrike is often seen as the gold standard in cyber protection, he said this event may call for reviewing their internal practices.

“You don’t want to hit one button and have this kind of worldwide meltdown occur,” Cummiskey said.

Television news stations in several countries were knocked off the air. In Australia, the outage left ABC News unable to deliver its usual evening news update. Instead it showed a special report on the disruption at Sydney airports.

Advertisem*nt

Some emergency services also reported problems. The Alaska State Troopers reported that, starting at 9 p.m. Thursday local time, 911 call centers statewide were not working correctly. Service was restored around 4 a.m. Friday when dispatch centers switched to analog phone systems or partnered with dispatch centers that had not been impacted, according to the Alaska Department of Public Safety.

Federal officials scrambled to assess the situation and provide assistance. Anne Neuberger, a security and technology adviser to President Biden, said her day began on a call with the White House situation room at 4 a.m. as the government sought to determine the effects on its own systems and critical parts of the economy.

“It highlights both the degree to which our economies, our national security are now digital and interconnected in a fundamental way,” said Neuberger, speaking on a panel at the Aspen Security Forum in Colorado.

A White House official said that Biden himself was briefed on the outage and that the administration was in touch with CrowdStrike and affected entities. The White House will get “sector by sector updates throughout the day and is standing by to provide assistance as needed,” the official added.

Transportation Secretary Pete Buttigieg said in an interview on CNBC Friday that he expected airlines, ports and freight companies to be largely back on their feet by Friday. But he said the episode should prompt some soul searching about the vulnerability of the country to even seemingly minor technical problems.

“We’re certainly in a new era in terms of these risks,” Buttigieg said. “I think there will be a huge amount of after action assessment, after the dust settles and things get back to normal.”

Hannah Ziegler, Jeff Stein, Aaron Gregg, Adela Suliman and Julian Mark contributed to this report.

Microsoft, CrowdStrike outage disrupts travel and business worldwide (2024)

FAQs

What were the effects of the Microsoft CrowdStrike outage? ›

The effects were severe and widespread, hitting various sectors globally. Critical services like air travel faced massive disruptions, with thousands of flights canceled and delays piling up. The healthcare sector was also hit hard, with some surgeries postponed and emergency services experiencing outages.

What is the worldwide outage of CrowdStrike? ›

On July 19th, 2024, Windows 7 and above systems running CrowdStrike's Falcon sensor were served a faulty channel file that caused kernel instability and would result in a Blue Screen of Death (BSOD) loop and the largest global IT outage in history. The culprit is Channel File 291 (named with a pattern 'C-00000291-*.

What is the global issue with CrowdStrike? ›

The main issue was a mismatch between the input fields expected by CrowdStrike's Falcon driver and the ones supplied in a content update. CrowdStrike is now promising to better test updates and is using two independent third-party software security vendors to review its sensor code and release processes.

What is the root cause of the CrowdStrike outage? ›

CrowdStrike has published its root cause analysis about the update crash that turned off millions of Microsoft Windows devices globally. The crash occurred because there was a mismatch between the 21 inputs passed to the CrowdStrike content validator and the 20 supplied to the content interpreter.

What is affected by the Microsoft outage? ›

Across the world, critical businesses and services including airlines, hospitals, train networks and TV stations, were disrupted on Friday by a global tech outage affecting Microsoft users.

What exactly happened with CrowdStrike and Microsoft? ›

As CrowdStrike immediately explained to customers and the world, the problem was not a cyberattack but an error in the software update. Because the bug was in CrowdStrike's Falcon platform update for Microsoft Windows, computers using other operating systems (e.g. Mac and Linux) were not impacted.

Which banks are affected by CrowdStrike outage? ›

Banks: Several banks in the U.S., including Chase Bank, Charles Schwab, TD Bank and Bank of America reported server outages, according to Downdetector, while in Brazil, banking giant Bradesco warned users its digital service was unstable because of the outage, multiple outlets reported.

Why is CrowdStrike down so much? ›

CRWD shares faced a dramatic 11% plunge last Friday, a direct consequence of a faulty update to the company's cloud-based cybersecurity platform, Falcon. The mistake in the Falcon update led to a global IT outage, impacting banks, airports, hospitals, retailers, various businesses and government agencies.

What was the cause of the CrowdStrike failure? ›

On July 24, CrowdStrike reported on the testing process lapses that led to the flawed update being pushed out to customer systems. In its post-mortem, the company blamed a hole in its testing software that caused its Content Validator tool to miss a flaw in the defective Channel File 291 content update.

Who is CrowdStrike biggest competitor? ›

Top CrowdStrike Falcon Alternatives
  • SentinelOne Singularity Platform.
  • Harmony Endpoint.
  • Trend Micro XDR.
  • Microsoft Defender for Endpoint.
  • Cortex XDR.
  • ThreatDown Endpoint Detection and Response.
  • Cybereason Defense Platform.
  • WatchGuard EPDR.

What is the problem with CrowdStrike? ›

A CrowdStrike update caused a massive IT outage, crashing millions of Windows systems. Critical services and business operations were disrupted, revealing tech reliance risks.

What exactly happened in CrowdStrike? ›

As the fallout continues, CrowdStrike has released a post-incident review (PIR) detailing the buggy update that caused 8.5 million Windows machines to crash last week. The review attributes the issue to a flaw in the test software, which failed to properly validate the content update pushed out on Friday.

Who is CrowdStrike owned by? ›

The ownership structure of CrowdStrike Holdings (CRWD) stock is a mix of institutional, retail and individual investors. Approximately 58.04% of the company's stock is owned by Institutional Investors, 2.19% is owned by Insiders and 39.77% is owned by Public Companies and Individual Investors.

What is the long term outlook for CrowdStrike? ›

CRWD: The Next Five Years

CrowdStrike is well-positioned to capitalize on the burgeoning cybersecurity market. The company's management is optimistic about the future, projecting a 125% growth in the market opportunity for its AI-native security platform by 2028, reaching a staggering $225 billion.

Does CrowdStrike slow down your computer? ›

“People at home shouldn't worry about their computers as it doesn't affect the home PCs,” said Jake Moore, global cybersecurity advisor at security firm ESET. “Consumers should allow all updates and set them automatically if possible.” Macs, Linux PCs and Chromebooks are also unaffected by this flaw.

What happened to the CrowdStrike issue? ›

CrowdStrike's preliminary investigation has now identified the source of the outage as a cloud-delivered, rapid response update to the Falcon sensor. CrowdStrike uses these updates to identify new indicators of threat actor behaviour, and improve its detection and prevention capabilities.

Did CrowdStrike affect personal computers? ›

The CrowdStrike-Microsoft outage that disrupted flight operations globally, flashing the Blue Screen of Death (BSOD) on several enterprise Windows PCs last week, did not affect Windows computers used at home.

Why did CrowdStrike go down? ›

CrowdStrike Holdings Inc. shares were extending their declines Monday as the effects of the company's faulty software update continued to disrupt global technology and as at least two analysts downgraded the cybersecurity stock.

Will CrowdStrike have to compensate? ›

In the case of CrowdStrike's Falcon security software, the relevant terms limit liability to “fees paid”. Put more plainly, customers are entitled to no more than a simple refund. Read more: What is CrowdStrike Falcon and what does it do?

Top Articles
Latest Posts
Article information

Author: Rueben Jacobs

Last Updated:

Views: 6539

Rating: 4.7 / 5 (57 voted)

Reviews: 80% of readers found this page helpful

Author information

Name: Rueben Jacobs

Birthday: 1999-03-14

Address: 951 Caterina Walk, Schambergerside, CA 67667-0896

Phone: +6881806848632

Job: Internal Education Planner

Hobby: Candle making, Cabaret, Poi, Gambling, Rock climbing, Wood carving, Computer programming

Introduction: My name is Rueben Jacobs, I am a cooperative, beautiful, kind, comfortable, glamorous, open, magnificent person who loves writing and wants to share my knowledge and understanding with you.