On Friday, July 19, 2024, nearly 8.5 million Microsoft devices were affected by a faulty system update, causing a major outage of businesses and services worldwide. This equates to nearly 1% of all Microsoft systems globally and has led to significant disruptions to airlines, police departments, banks, hospitals, emergency call centers and hundreds of thousands of other private and public businesses.
What caused this outage in Microsoft systems?
The global outage of specific Microsoft-enabled systems and servers was traced to a faulty software update released by CrowdStrike, one of the largest independent cybersecurity companies with nearly 30,000 subscribers worldwide.
Because the majority of these subscribers automatically apply new security updates as they become available, all impacted systems were put into a BSOD (Blue Screen of Death) state. This triggered an infinite boot cycle of the operating system, leaving the systems unable to boot correctly: the operating system attempts to restart but encounters the same error, causing the process to repeat indefinitely.
On July 19, CrowdStrike’s CEO George Kurtz announced on X that the company is “actively working with customers impacted by a defect found in a single content update for Windows hosts.” He also confirmed that “This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed.”
What has been the aftermath of this incident?
Even though this CrowdStrike event only affected less than 1% of all Microsoft-enabled systems, the aftermath so far has been significant.
One of the largest industries impacted by the major outages caused by this faulty update has been air travel. On Friday, more than 3,300 flights had already been canceled around the globe. In the United States, three major airlines (Delta, American and United) all grounded their flights for several hours, causing a significant backlog of customer and commercial travel. Airports in Tokyo, Amsterdam and Delhi were also impacted, and major issues arose in other international locations.
Banking institutions were also significantly disrupted by system outages that impacted everything from ATMs to mobile banking applications and call centers. Even more critical has been the impact on essential emergency services such as hospitals and 911 dispatch teams.
Massachusetts General Hospital released the following statement regarding the impact of the outage on its operations: “A major worldwide software outage has affected many of our systems at Mass General Brigham, as well as many major businesses across the country. Due to the severity of this issue, all previously scheduled non-urgent surgeries, procedures and medical visits are canceled today.”
The ongoing aftermath of this situation has demonstrated how reliant we are on an interconnected ecosystem of technology and services.
How is this issue being resolved?
As George Kurtz mentioned in his statement on X, CrowdStrike has already fixed the issue on its end and is actively working with its customers to fully resolve the problem. However, in an interview on the TODAY show on NBC, he also stated, “It could be some time for some systems that just automatically won’t recover.”
Many IT experts agree with this statement and claim it could take several days for larger organizations to get their systems back to normal operation. The problem lies in the BSOD issues that are being created. While CrowdStrike has “pushed” an automatic update to users on its end, many customers will be unable to fully reboot their systems, so they won’t be able to receive and install the update.
CrowdStrike has published manual remediation actions for IT administrators to follow in the event they can’t see an automatic recovery from the issue. These actions involve booting an operating system into “safe mode,” making modifications to the installed drivers and rebooting again safely.
While the company has been clear that it has a permanent fix for this issue, it will take time for IT administrators to gain manual access to remote servers and systems running Microsoft operating systems so they’re able to address these issues.
Unfortunately, the damage has already been done. The ripple effects of the significant economic impacts caused by this event continue to spread, with early estimates of the total associated losses nearing $1 billion.