Microsoft Outage: CrowdStrike Update Causes Chaos for Flights, Hospitals and Businesses Globally [CNET]

A faulty cybersecurity update wreaked havoc across the medical and travel industries, with flights and medical procedures canceled and delayed.

Hospitals, banks, airports, airlines and broadcasters worldwide were impacted by a massive, ongoing IT outage Friday. Thousands of Windows PCs, which many companies and organizations rely on as part of their critical internet infrastructure, were hit by the CrowdStrike outage. Perhaps most concerning, several US states reported that their emergency 911 call centers were also hit.

The outage was blamed on a faulty update from cybersecurity company CrowdStrike. The company handles the security of many Windows PCs and services around the world. In a statement Friday morning, CrowdStrike said the issue had been “identified, isolated and a fix has been deployed.”

Microsoft Regional Director Troy Hunt called it “the largest IT outage in history” in a post on X.

“Earlier today, a CrowdStrike update was responsible for bringing down a number of IT systems globally. We are actively supporting customers to assist in their recovery,” a Microsoft spokesperson said in an emailed statement.

Many services and businesses continue to be affected, including hospitals and flights, even though the initial cause of the outage has been fixed by CrowdStrike. Here’s how to fix your Windows PC affected by the CrowdStrike blue screen of death. CrowdStrike also outlined all of the steps people could take to fix their PCs in its statement. “This is not a security incident or cyberattack,” the company added.

Read more: Stuck During the Worldwide Outage? See If Your Credit Card Has These Travel Protections and Insurance

Microsoft first said on X that it was aware of an issue affecting people’s ability to access 365 services late on Thursday. In an update issued around 1 a.m. PT (4 a.m. ET), the company said, “Multiple services are continuing to see improvements in availability as our mitigation actions progress.” The company didn’t immediately respond to request for further comment. In one update, it said some people had success overcoming the issue by rebooting their computers up to 15 times.

The outage also took down the London Stock Exchange. 

The last time there was an internet outage this widespread was when a service called Fastly went down in 2021. It’s a reminder of how much of the internet is underpinned by shared infrastructure, which leaves it vulnerable to widespread issues such as this. The share price of many companies took a nose dive following Friday’s outage, but it also affected many people on an individual level, from disrupting vacation plans to preventing access to emergency services.

“All too often these days, a single glitch results in a system-wide outage, affecting industries from healthcare and airlines to banks and auto-dealers,” Federal Trade Comission chair Lina Khan said in a thread on X. “Millions of people and businesses pay the price. These incidents reveal how concentration can create fragile systems.”

Are hospitals affected by the outage?

Hospitals in the US reported problems on Friday morning with their IT systems, affecting many patients. “A major worldwide software outage has affected many of our systems at Mass General Brigham, as well as many major businesses across the country,” a spokesperson for Massachusetts General Hospital told Newsweek. “Due to the severity of this issue, all previously scheduled non-urgent surgeries, procedures, and medical visits are cancelled today.”

In the UK, medical services have also been affected, including the National Health Service system for booking appointments and pharmacies, which were struggling to take payments. 

Is 911 working?

Across the US, state troopers were reporting that 911 lines were down, starting in Alaska. Unconfirmed reports suggest that some lines in Minnesota, Arizona, Indiana, Ohio and New Hampshire had also been hit. 

Many people were reporting issues through the Down Detector website, with outages appearing to peak around midnight PT. If you live in one of the affected states, check with your local state troopers or police department for alternative emergency numbers. Alaska State Troopers issued an update later on Friday, saying their service had be reinstated as of 4:23 a.m. local time.

Television channels around the world have been hit by the outage, with Sky News in the UK broadcasting from a phone after its studio equipment failed. The Paris Olympics organizing committee also said it had been hit by the outage, but that it had contingency plans in place. 

Are flights still grounded?

Thousands of flights have been delayed or canceled Monday — and real-time data shows only 23% of flights departing on time as of 5 p.m. ET Friday afternoon. Here’s how to track the status of your flight directly from your iPhone’s text messages, and three steps to take when your flight is canceled or delayed.

Airports from New Zealand to the UK reported issues in the early hours of Friday morning, particularly with their scanning technology, which couldn’t register passengers’ boarding passes. In India and Northern Ireland, departures boards and boarding passes were being written by hand. Airlines, including Europe-wide budget airline Ryanair, were reporting issues with online check-in. Ryanair advised all passengers to arrive at least three hours early for their flights. 

In the US, the Federal Aviation Authority has grounded some flights from American Airlines, United and Delta. Many US airlines haven’t yet issued statements about how they expect the day to pan out, but it might be wise for passengers hoping to fly from US airports today to check with your airlines before setting off and also get there earlier than usual to allow extra time to check-in.

Delta

The biggest airlines operating in the US have been issuing regular updates, with Delta saying in a statement: “Delta has resumed some flight departures after a vendor technology issue impacted several airlines and businesses around the world. That issue necessitated a pause in Delta’s global flight schedule this morning while it was addressed.” The airline added that additional cancellations and delays would be expected on Friday, but that it had issued a travel waiver, which would allow passengers scheduled to travel today to rebook their flights for little or no cost, depending on date.

American Airlines

In a statement on X, American Airlines said: “We’re aware of a technology issue with a vendor that is impacting multiple carriers. American is working with the vendor to resolve the issue as quickly as possible.” In an updated statement to CNET it said that as of 5 a.m. ET it had managed to “safely reestablish our operation.”

United Airlines

United Airlines issued a statement saying, “A third-party software outage is impacting computer systems worldwide, including at United.” Initially the airline said that it would be holding all flights at their departure points, but later on Friday morning managed to get its flights moving again. 

“We are resuming some flights but expect schedule disruptions to continue throughout Friday,” said a company spokesperson. “We have issued a waiver to make it easier for customers to change their travel plans via United.com or the United app.”

KLM

Dutch airline KLM said that the outage had made flight handling “impossible,” and until the issue was resolved, it largely had to suspend operations. In an update on X, the airline added: “Customers should expect delays and cancellations. We urge passengers to stay away from airport if their flight is not departing or is seriously delayed. We realise this is very inconvenient for customers, particularly because the busy summer holiday season has just started.”

It added that it’s working hard to restore operations and that passengers should keep an eye on KLM.com or the airline’s app for updates.

What is CrowdStrike?

The company at the root of the outages isn’t actually Microsoft at all. The source of the issue has been identified as a faulty update issued by cybersecurity company CrowdStrike.

Founded 11 years ago out of Austin, Texas, CrowdStrike is often called in by organizations following major cybersecurity breaches to investigate what went wrong. These include the 2014 Sony Pictures hack and various events targeting the Democratic National Committee between 2015 and 2016.

Many companies around the world rely on CrowdStrike for critical cloud workload protections. In this case, CrowdStrike issued an update for Windows PCs (it confirmed Mac and Linux users hadn’t been affected) that contained a single defect. PCs displayed the “blue screen of death,” indicating a critical error, and were forced into a boot loop, which prevented them from turning on.

Exacerbating the problem further is the fact there doesn’t seem to be a universal, easy fix for the issue. Most affected PCs will need to be manually reset to an earlier point in time one by one. Until they’re able to turn on, they won’t be able to receive the latest update from CloudStrike. “We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website,” said a spokesperson for CrowdStrike.

“We further recommend organizations ensure they’re communicating with CrowdStrike representatives through official channels,” they added. “Our team is fully mobilized to ensure the security and stability of CrowdStrike customers.”

In a letter posted online to customers and partners late Friday, CrowdStrike CEO George Kurtz said he wanted to “sincerely apologize directly to all of you for today’s outage.”

“All of CrowdStrike understands the gravity and impact of the situation. We quickly identified the issue and deployed a fix, allowing us to focus diligently on restoring customer systems as our highest priority,” Kurtz wrote. “The outage was caused by a defect found in a Falcon content update for Windows hosts. Mac and Linux hosts are not impacted. This was not a cyberattack.”

Kurtz had confirmed earlier Friday on X that the outage was caused by an issue with a Falcon content update for Windows Hosts. “We have mobilized all of CrowdStrike to help you and your teams,” he added. “If you have questions or need additional support, please reach out to your CrowdStrike representative or Technical Support.