July 23, 2024 By Josh Nadeau 3 min read

On Friday, July 19, 2024, nearly 8.5 million Microsoft devices were affected by a faulty system update, causing a major outage of businesses and services worldwide. This equates to nearly 1% of all Microsoft systems globally and has led to significant disruptions to airlines, police departments, banks, hospitals, emergency call centers and hundreds of thousands of other private and public businesses.

What caused this outage in Microsoft systems?

The global outage of specific Microsoft-enabled systems and servers was traced to a faulty software update released by CrowdStrike, one of the largest independent cybersecurity companies, with nearly 30,000 subscribers worldwide.

Because the majority of these subscribers automatically push new security updates as they become available, all impacted systems were put into a BSOD (Blue Screen of Death) state. This triggered an infinite boot cycle of the operating system: the operating system attempts to restart but encounters the same error, so the process repeats indefinitely and the systems are unable to boot correctly.

On July 19, CrowdStrike’s CEO George Kurtz announced on X that the company is “actively working with customers impacted by a defect found in a single content update for Windows hosts.” He also confirmed that “This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed.”

What has been the aftermath of this incident?

Even though this CrowdStrike event affected less than 1% of all Microsoft-enabled systems, the aftermath so far has been significant.

One of the largest industries impacted by the outages caused by this faulty update has been air travel. On Friday, more than 3,300 flights had already been canceled around the globe. In the United States, three major airlines (Delta, American and United) all grounded their flights for several hours, causing a significant backlog of customer and commercial travel. Airports in Tokyo, Amsterdam and Delhi were also impacted, and the disruption created major issues in other international locations.

Banking institutions were also significantly disrupted by system outages that impacted everything from ATMs to mobile banking applications and call centers. Even more critical has been the impact on essential emergency services such as hospitals and 911 dispatch teams.

Massachusetts General Hospital released the following statement regarding the impact of the outage on its operations: “A major worldwide software outage has affected many of our systems at Mass General Brigham, as well as many major businesses across the country. Due to the severity of this issue, all previously scheduled non-urgent surgeries, procedures and medical visits are canceled today.”

The ongoing aftermath of this situation has demonstrated how reliant we are on an interconnected ecosystem of technology and services.

How is this issue being resolved?

As George Kurtz mentioned in his statement on X, CrowdStrike has already fixed the issue on its end and is actively working with its customers to fully resolve the problem. However, in an interview on the TODAY show on NBC, he also stated, “It could be some time for some systems that just automatically won’t recover.”

Many IT experts agree with this statement and claim it could take several days for larger organizations to get their systems back to normal operation. The problem lies in the BSOD issues that are being created. While CrowdStrike has “pushed” an automatic update to users on its end, many customers will be unable to fully reboot their systems, so they won’t be able to receive and install the update.

CrowdStrike has published manual remediation actions for IT administrators to follow in the event they can’t see an automatic recovery from the issue. These actions involve booting an operating system into “safe mode,” making modifications to the installed drivers and rebooting again safely.

While the company has been clear that it has a permanent fix for this issue, it will take time for IT administrators to gain manual access to remote servers and systems running Microsoft operating systems so they’re able to address these issues.

Unfortunately, the damage has already been done. The economic ripple effects of this event continue to spread, with early estimates of the total associated losses nearing $1 billion.

