In This Story
Computer systems at businesses around the world failed after cybersecurity firm CrowdStrike bungled an update, and Microsoft reported issues with its Azure cloud service.
Here’s what you need to know.
What happened?
On Thursday night, Austin, Texas-based CrowdStrike issued a regular software update to its Falcon Sensor software, which is designed to protect against malware and “much more.” The company says its system uses next-generation antivirus, endpoint detection and response, cyber threat intelligence, managed threat hunting capabilities, and security hygiene to protect customers.
In other words, it’s usually very good and relies on a lot of advanced technology. But this time, a defect in the planned update impacted Microsoft’s Windows operating systems.
“CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts,” Crowdstrike CEO George Kurtz wrote Friday morning on X. “This is not a security incident or cyberattack.”
Separately, Microsoft said a configuration change affected its Azure cloud service, which caused an interruption that affected its Microsoft 365 products. Clients across the U.S. were affected by the outage, which left businesses unable to access Microsoft 365 services like Office and Teams.
Microsoft has also been affected by the CrowdStrike issues, which left users across the world grappling with the “Blue Screen of Death,” posting pictures of their frozen screens online as they were left unable to access corporate laptops and computers.
“I don’t think it’s too early to call it: this will be the largest IT outage in history,” Troy Hunt, a security consultant and creator of “Have I Been Pwned?” wrote on X.
What is CrowdStrike?
CrowdStrike is a widely used cybersecurity software provider. Its software detects and prevents hackers from accessing files on Microsoft computers. The Texas-based cybersecurity giant is used by government agencies and Fortune 500 companies.
It has helped the U.S. government investigate North Korean hackers and investigated Russian interference in the 2016 election.
Its co-founder and CEO is George Kurtz, who previously worked at McAfee.
What’s affected by the CrowdStrike outage?
More than half of Fortune 500 companies use CrowdStrike’s software, according to a promotional video from the firm earlier this year. As of March, at the end of the company’s fiscal year 2024, CrowdStrike had more than 29,000 subscription customers, excluding smaller customers served through its partners. It’s unclear exactly how many have been affected.
The outages have impacted more than 30,000 flights, according to FlightAware. The Federal Aviation Administration said in a statement that several airlines have requested assistance with ground stops. Delta Air Lines and and United Airlines have resumed some flights. American Airlines said it has fully restored operations.
Airlines and airports across Europe and Asia have also been affected, with Lufthansa-subsidiary Eurowings canceling all German domestic flights and services to and from the U.K. The ground operations of airlines at seven major airports in Thailand have also been disrupted, with disruptions being reported at airports in Hong Kong and Singapore.
The issues have also spread to the London Stock Exchange, banks, and even public broadcasters. The United Parcel Service (UPS) and FedEx say deliveries may be delayed, while McDonald’s and Starbucks locations have also experienced some issues. Downdetector, an online service that tracks user-reported outages at major companies, has recorded growing outages at other firms, including Ticketmaster and BetMGM.
Healthcare service providers have also been affected, as have emergency communications systems in cities including Portland or Cincinnati, Ohio.
Boston’s Mass General Brigham has canceled “all previously scheduled non-urgent surgeries, procedures, and medical visits,” while New York’s Memorial Sloan Kettering Cancer Center has paused all procedures that require anesthesia. Health centers in Germany and Israel have also been affected.
The CEO of the Global Payroll Association has said that clients are unable to access their software due to the outages and that millions of workers around the world “risk going without their wages” because their employers or banks rely on CrowdStrike.
Financial institutions are still evaluating the impacts of the global internet outage that disrupted some of their functions on Friday. Although bank branches across the U.S. opened as usual, some have experienced login and payment issues. Visa, TD Bank, JPMorgan Chase Bank, and Bank of America had issues on Friday, according to DownDetector.
“Financial institutions’ dependencies on third parties has grown in recent years as part of the ongoing digitalisation of the sector,” Monsur Hussain, head of financial institutions research at Fitch Ratings, said in a statement. “The economies of scale are compelling, but they can also bring systemic risks.”
What happens next?
In an interview with the Today show, Kurtz said “we’re deeply sorry” to anyone impacted by the issues, including customers and travelers. CrowdStrike is actively working with customers to get systems back online.
“The system was sent an update and that update had a software bug in it that caused an issue with the Microsoft operating system,” Kurtz said. “As systems come back online, as they’re rebooted, they’re coming up and they’re working.”
An updated fix has been sent to clients’ computers, although progress will likely be slow. The current suggested solution involves manually rebooting each computer into safe mode, deleting a file, and restarting.
But that will take time — and likely a lot of it.
“The company has moved quickly to issue a fix — though, it may take time to remedy the situation for many companies, especially those who rely on remote access to administer systems in other geographic regions,” Dominic Sellitto, a University at Buffalo professor and cybersecurity expert, said in a statement.
Microsoft has said that the “underlying cause of the issue” affecting Azure has been fixed, adding that several Microsoft 365 apps have been fully restored, including OneDrive for Business and Microsoft Defender for Endpoint. However, some apps and services are suffering from residual impact.
The tech outages hammered the stock market, sending the Dow Jones Industrial Average, S&P 500, and Nasdaq down; the U.S. Securities and Exchange Commission has said it’s monitoring for market-related impacts. Microsoft stock dipped about 0.90% Friday, while CrowdStrike stock dropped by more than 12%. Rival stocks, including SentinelOne and Palo Alto Networks, recorded gains Friday.
“This is clearly a major black eye for CrowdStrike and the stock will be under pressure after this global outage related to Microsoft has caused massive disruption globally,” Wedbush Securities analysts said in a note published Friday.
However, Wedbush analysts added they still believe Kurtz is “one of the best tech CEOs in the world,” praising him for stepping up and helping damage control efforts. Friday’s incident will be a “dark chapter for the company” but won’t impact the “long term bull story” for the firm, they said.
—Laura Bratton, Rocio Fabbro, Britney Nguyen, and Ben Kesslen contributed to this article.