On Friday, a software update caused significant disruptions around the world, affecting computer systems, flights, and essential services. The problem began with an update to a product from CrowdStrike, a global cybersecurity firm. This update impacted users of Microsoft’s Windows Operating System. Microsoft later confirmed that they had fixed the issue.
CrowdStrike CEO George Kurtz addressed the situation on social media, explaining that the company was “actively working with customers impacted by a defect found in a single content update for Windows hosts” and that a fix was being implemented. He clarified that this was not a security incident or cyberattack.
The disruption caused major U.S. airlines, including American Airlines, Delta Airlines, and United Airlines, to ground flights. Other airlines and airports worldwide also experienced delays and interruptions. Banks and financial services from countries such as Australia, India, and Germany reported problems, with traders across various markets struggling to complete transactions. One trader described it as the “mother of all global market outages.”
In the UK, the situation was severe. Doctors’ booking systems went offline, and Sky News, a major broadcaster, apologized for being unable to broadcast live. Manchester United announced on social media that they had to postpone a ticket release due to the outage.
Microsoft’s cloud unit, Azure, acknowledged the problem affecting virtual machines running Windows OS and the CrowdStrike Falcon agent, which got stuck in a “restarting state.” A Microsoft spokesperson mentioned they were aware of the issue and expected a resolution soon.
CrowdStrike issued an alert early Friday, stating that its “Falcon Sensor” software was causing Microsoft Windows to crash and display the blue screen of death. The company provided a manual workaround to fix the problem. According to the company, over half of Fortune 500 companies use CrowdStrike software.
Ciaran Martin, a professor at Oxford University’s Blavatnik School of Government and former head of the UK National Cyber Security Centre, commented on the situation, saying it highlighted the vulnerability of the world’s internet infrastructure.
The outages affected various sectors. Airports in Singapore, Hong Kong, and India had to check in passengers manually. Amsterdam’s Schiphol Airport, one of Europe’s busiest, was impacted, as was airline Iberia, which operated manually at airports until electronic check-in counters and online systems were restored. Although there were delays, no flight cancellations were reported. Air France-KLM also experienced operational disruptions.
The Dutch Foreign Affairs Ministry reported being affected, although a spokesperson was not immediately available to comment. While some companies began to restore their services, analysts considered this incident one of the most significant outages ever experienced in the industry and the broader economy.
Ajay Unni, CEO of StickmanCyber, one of Australia’s most prominent cybersecurity firms, remarked that IT security tools are usually meant to help companies continue operating during a data breach. He described the situation as a major disaster, highlighting how a global IT outage caused by a security tool itself is an unprecedented issue.