CrowdStrike Outage Could Be Biggest IT Outage In History As Update Sparks Global Chaos For Airlines, Hospitals and Banks



The source of the global IT outage has been identified and a fix has been deployed, though full recovery may take some time, according to George Kurtz, CEO of US cybersecurity company CrowdStrike.

The problem stems from a bug in CrowdStrike's "Falcon Sensor" software, an antivirus software designed to protect Microsoft Windows devices from malicious attacks. This caused Windows systems to crash and display a blue screen. An alert with a manual workaround was issued to clients at 0530 GMT on Friday, according to Reuters.

The outage has impacted banks, airlines, train companies, telecommunications companies, broadcasters, and supermarkets. Kurtz clarified that the issue is not a security incident or cyberattack but a defect in a single content update for Windows hosts. Mac and Linux hosts are not affected.

“We have isolated the issue and deployed a fix,” Kurtz said, assuring that CrowdStrike will provide continuous updates on its website and referring customers to the support portal for the latest information. Speaking to NBC, he expressed deep regret for the inconvenience caused to customers and travelers, acknowledging that system reboots are ongoing and recovery will take time.

The glitch impacts Windows workstations and servers, leading to massive outages and bringing entire companies offline. Users have reported systems stuck in boot loops or showing the Blue Screen of Death (BSOD) after installing the update.

Reports indicate that emergency services in the U.S. and Canada have also been affected, with some 911 agencies in states like New York, Alaska, and Arizona, as well as parts of Canada, experiencing disruptions. In Illinois, emergency responders are resorting to paper documentation until systems recover. The health hotline in Catalonia, Spain, is similarly affected, with authorities urging citizens to avoid calling unless in an emergency.

By the time the correction was issued, numerous large organizations had already been affected. Airports worldwide, including those in Berlin, Barcelona, Brisbane, Edinburgh, Amsterdam, London, and Melbourne, reported significant disruptions. In Zurich, flights destined for the city were still allowed to land, but no aircraft were taking off for Zurich Airport, and departures to the U.S. were halted. Airlines, such as American Airlines, United, and Delta, sought assistance from the Federal Aviation Administration due to IT system issues.

In the United Kingdom, NHS England reported disruption in most GP practices, though 999 services are unaffected. Airlines globally are issuing handwritten tickets, with Ryanair among those affected at Stansted Airport.

Several hospitals in the Netherlands, including Scheper in Emmen and Slingeland Hospital in Achterhoek, experienced disruptions, though some have begun returning to normal operations. In Barcelona, the Terrassa University Hospital and the Catalan Oncology Institute faced issues but have also started to recover.

Television stations and news outlets like Sky News and ABC reported disruptions as their systems crashed. On social media, users from around the world shared their frustrations over the widespread impact, with companies from Malaysia, Australia, New Zealand, the Philippines, and China all reporting significant outages.

Microsoft confirmed awareness of the issue affecting Windows devices due to the third-party software update and anticipated a resolution soon.


Technical Details and Workaround

CrowdStrike acknowledged the issue, identifying a Channel File in the update as the culprit. This file can be addressed individually, allowing users to retain the Falcon Sensor update. The company has provided the following workaround steps for affected systems:

  1. Boot Windows into Safe Mode or the Windows Recovery Environment.
  2. Navigate to the C:\Windows\System32\drivers\CrowdStrike directory.
  3. Locate and delete the file matching “C-00000291*.sys”.
  4. Boot the host normally.
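
Steps 2 and 3 can be scripted when many hosts need the same cleanup. The following is an added example, not CrowdStrike's own tooling: the function name `Remove-FaultyChannelFile` and its `-WindowsRoot` parameter are hypothetical, and it assumes an elevated PowerShell prompt in Safe Mode or on a rescue host with the affected disk attached, where the affected Windows volume may not be mounted as C:.

```powershell
# Added example, not vendor code. Removes only the channel file named in the
# workaround and reports what it found, so the run can be reviewed afterwards.
function Remove-FaultyChannelFile {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        # Windows directories to check. Default: every mounted volume that has one,
        # because the affected OS volume is not always C: on a recovery host.
        [string[]]$WindowsRoot = @(
            Get-PSDrive -PSProvider FileSystem |
                ForEach-Object { Join-Path $_.Root 'Windows' } |
                Where-Object { Test-Path -LiteralPath $_ -PathType Container }
        )
    )

    foreach ($root in $WindowsRoot) {
        $dir = Join-Path $root 'System32\drivers\CrowdStrike'
        if (-not (Test-Path -LiteralPath $dir -PathType Container)) {
            Write-Verbose "No CrowdStrike driver directory under $root"
            continue
        }

        # Match the pattern from step 3 only; other files in the directory stay.
        $files = Get-ChildItem -LiteralPath $dir -Filter 'C-00000291*.sys' -File -Force
        foreach ($file in $files) {
            if ($PSCmdlet.ShouldProcess($file.FullName, 'Delete channel file')) {
                Remove-Item -LiteralPath $file.FullName -Force
            }
            # One record per matching file, whether or not it was deleted.
            [pscustomobject]@{
                Path         = $file.FullName
                LastWriteUtc = $file.LastWriteTimeUtc
                Removed      = -not (Test-Path -LiteralPath $file.FullName)
            }
        }
    }
}

# Dry run first: lists matching files without deleting anything.
Remove-FaultyChannelFile -WhatIf
```

Run it again without `-WhatIf` to delete the listed files, then boot the host normally as in step 4.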


George Kurtz, CrowdStrike’s CEO, announced that the company is actively working with customers and recommended communication through official channels for support. A fix has been deployed, and customers are advised to check the support portal for the latest updates.


Read CrowdStrike's Statement on Falcon Content Update for Windows Hosts Here

Read CrowdStrike Technical Details on Outage Here

Download CrowdStrike's Automated Recovery from Blue Screen on Windows Instances in GCP


Founded in 2011, CrowdStrike aims to address sophisticated cyberattacks with advanced endpoint protection and expert intelligence. The company remains committed to resolving the current issue and ensuring full recovery for all affected customers.













Carl Norman

Hilcorp Alaska OT

4 months

That was something. And the deployed “fix” was essentially worthless. If you think about it though, one prevention of a successful corporate crypto attack, it’s still worth it.

Basit Ali

Project Manager- | Energy Efficiency & Management in Industrial & Commercial Sectors | Cyber & SCADA Securities | EPC & Contract Risk Management| - APAC/EMEA

4 months

I agree!
