Faulty CrowdStrike update causes major global IT outage, taking out banks, airlines and businesses globally

Manish Singh
Updated ·5 min read

Businesses across the world are reporting IT outages, including Windows "blue screen of death" errors on their computers, in what has already become one of the most widespread IT disruptions in recent years. The outage — linked to a software update from popular cybersecurity firm CrowdStrike — has affected computers running Microsoft Windows at organizations across various sectors, including airlines, banks, retailers, brokerage houses, media companies and railway networks. The travel sector seems to be one of the hardest hit, based on online chatter.

CrowdStrike's chief executive, George Kurtz, confirmed in a post on X that a "defect" in a content update for Windows hosts had caused the outage, and Kurtz ruled out a cyberattack. He added that the firm was rolling out a fix and that Mac and Linux hosts were not affected.

"CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted," Kurtz noted on X.

"This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed. We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website. We further recommend organizations ensure they’re communicating with CrowdStrike representatives through official channels. Our team is fully mobilized to ensure the security and stability of CrowdStrike customers," Kurtz said.

Later Friday, the U.S. cyber agency, the CISA, said that even though the outage wasn't linked to any suspicious activity, it has “observed threat actors taking advantage of this incident for phishing and other malicious activity.”

A post on CrowdStrike's support forums (which are only accessible with a login) also acknowledged the issue early on Friday, saying the company had received reports of crashes related to a content update. CrowdStrike said the crash reports were "related to the Falcon Sensor" — its cloud-based security service that it describes as "real-time threat detection, simplified management, and proactive threat hunting."

a screenshot displaying information about the Falcon Sensor issue on July 19.
A screenshot of the post on CrowdStrike.

A moderator of the CrowdStrike subreddit also said the company was aware of "widespread reports" of blue screen errors on Windows devices across multiple versions of its software. The firm was investigating the cause, the message read.

The security firm didn't immediately respond to a request for comment.

Microsoft started to note problems starting in the early hours of July 19. Its Service Health page notes currently that Microsoft 365 for Consumers is now back up. Enterprise apps, however, are still seeing disruption according to its Service Health Status for its cloud services for business.

"We're aware of an issue affecting Windows devices due to an update from a third-party software platform. We anticipate a resolution is forthcoming," a Microsoft spokesperson told TechCrunch in a statement.

The Microsoft spokesperson said that the previous Microsoft 365 service disruption overnight July 18 to 19 was unrelated to the widespread outage triggered by the CrowdStrike update.

There will be a lot of questions to ask and answer about resilience — or perhaps the lack of it — in cloud services, and namely how one single update could bring so much to a grinding halt around the world.

"In our view, cybersecurity products have to clear a higher bar of reliability and security in customer deployments than other technology products because they are mission critical and actively attacked by adversaries," Goldman Sachs analysts wrote in a research note Friday. "In some ways, we believe this will reinforce the barrier to entry in the industry and the need for best-in-class update, outage and customer service protocols, ultimately favoring companies with scale."

https://youtu.be/ZkliqjGXJtY

Airlines and airports across Germany, France, the Netherlands, the United Kingdom and the United States, as well as Australia, China, Japan, India, Singapore and Taiwan are reporting problems with check-in and ticketing systems, resulting in flight delays and ample chaos at airports.

U.S. federal airspace officials announced a nationwide ground stop of air traffic on Friday due to the outages, which might have an affect on the climate, experts told TechCrunch. Others were affected by the outage and the airline chaos in other ways.

In the U.K., the London Stock Exchange reported disruptions. Several doctors' offices in the U.K. said on X that the outage had hit the National Health Service's clinical computer system that contains medical records and is used for scheduling appointments.

And in the U.S., some 911 and non-emergency call centers seem to be affected. A post by Alaska State Troopers said many such call centers were "not working correctly across the State of Alaska."

U.K. news broadcaster Sky News faced trouble broadcasting live this morning due to the outage, the firm's executive chairman David Rhodes tweeted. The New Zealand Herald reported that banking services in the country were affected by the issue, too, and several Indian news channels said they had problems broadcasting as well.

Many companies' employees have reported being unable to start their computers due to the issue. The outage came shortly after Microsoft confirmed service problems with its Microsoft 365 apps late on Thursday, which affected several airlines including Delta and United. Microsoft's services status page says the issues are being resolved.

And amid the chaos, misinformation has been spreading, including that the Las Vegas Sphere was displaying a blue screen of death.

Before CrowdStrike acknowledged its role in the crash, businesses and security experts early on Friday began to point fingers at the company, whose software is used by millions of people across enterprises to manage security both on devices and servers. Experts told TechCrunch that rivals could stand to gain from the debacle, as well.

CrowdStrike counts nearly 60% of Fortune 500 companies and more than half of the Fortune 1,000 among its clients, per its website. Its services are deployed by eight of the top 10 financial services firms and an equal number of leading tech companies. It also has a deep and wide presence in the healthcare and manufacturing sectors, serving six and seven of the top 10 companies in those industries, respectively.

CrowdStrike's shares were down around 11% when the market closed on Friday, and a market cap of $74.2 billion at the time of this writing.

Ram Iyer, Ingrid Lunden and Zack Whittaker contributed to this report.

https://twitter.com/akothari/status/1814202068531552666 https://twitter.com/PragueAirport/status/1814202766530683262 https://twitter.com/troyhunt/status/1814174010202345761

This story was originally published at 12:09 a.m. July 19, and was updated to reflect new information.

  • Up next
  • Up next
  • Up next
  • Up next

Latest Stories