Crowdstrike global outage: When will the Microsoft issue be fixed?

Cybersecurity firm CrowdStrike confirmed an update had affected customers using Microsoft Windows around the world

Rob Freeman
Monday 22 July 2024 08:51 BST
Timelapse: How global Microsoft IT outage grounded flights across US

Your support helps us to tell the story

This election is still a dead heat, according to most polls. In a fight with such wafer-thin margins, we need reporters on the ground talking to the people Trump and Harris are courting. Your support allows us to keep sending journalists to the story.

The Independent is trusted by 27 million Americans from across the entire political spectrum every month. Unlike many other quality news outlets, we choose not to lock you out of our reporting and analysis with paywalls. But quality journalism must still be paid for.

Help us keep bring these critical stories to light. Your support makes all the difference.

Experts have warned it could take weeks for systems to fully recover from a global outage which has seen disruption including flight delays and cancellations.

A flawed update rolled out by CrowdStrike, one of the world’s largest cybersecurity providers, knocked many offline around the world on Friday, causing flight and train cancellations and crippling some healthcare systems.

Here is a closer look at what we know about the incident

What exactly has happened?

CrowdStrike chief executive George Kurtz confirmed the issue was caused by a “defect in a single content update for Windows hosts” – in short, a flaw in a software “sensor configuration” update pushed out to customers.

He said a fix had been deployed for a bug in an update which affected Microsoft Windows PCs, causing many to crash, some displaying the so-called “blue screen of death”, and become unusable. CrowdStrike confirmed Apple Mac and Linux users were unaffected

IT infrastructure at businesses and institutions around the world collapsed, taking many businesses and their online services offline.

In an interview with NBC’s Today Show in the US, Mr Kurtz said the incident was not a cyber attack, while a technical statement from CrimeStrike on Saturday said a “sensor configuration” had “triggered a logic error” which the company said had been corrected.

Passengers in the South Terminal at Gatwick Airport (Brian Lawless/PA)
Passengers in the South Terminal at Gatwick Airport (Brian Lawless/PA) (PA Wire)

What is the scale of the impact?

Substantial – around the world, banks, supermarkets and other major institutions saw services disrupted, while many businesses were unable to take digital payments or access key databases.

NHS England said “the majority of GP practices” had experienced disruption and ambulance services reported increases in 999 and NHS 111 calls from patients who were unable to contact other NHS providers, while the National Pharmacy Association said pharmacies had seen issues “including the accessing of prescriptions from GPs and medicine deliveries”.

Airlines reported being unable to process passengers and resorted to manually checking in customers at airports around the world with 167 flights departing from the UK and 171 incoming cancelled on Friday. Aviation analytics company Cirium said 5,078 flights – or 4.6% of those scheduled – were cancelled globally.

Govia Thameslink Railway warned passengers to expect disruption because of “widespread IT issues” while Sky News was forced off air briefly on Friday morning, while customers faced issues with attempting to pay using cards.

How has CrowdStrike responded?

Mr Kurtz said he is “deeply sorry” for the situation and said CrowdStrike was “actively working” with those impacted.

Saying the issue had been “identified” and that a “fix has been deployed”, he said his team was “fully mobilised to ensure the security and stability of CrowdStrike customers”.

A person views a check-in display at Edinburgh Airport (Andrew Milligan/PA)
A person views a check-in display at Edinburgh Airport (Andrew Milligan/PA) (PA Wire)

In a letter to customers and partners, Mr Kurtz said: “We know that adversaries and bad actors will try to exploit events like this.

“I encourage everyone to remain vigilant and ensure that you’re engaging with official CrowdStrike representatives.”

How long will the issue take to be rectified?

Industry expert Adam Leon Smith of BCS, the Chartered Institute for IT, warned it could take “weeks” for all computers and systems to be fully restored, while Mr Kurtz said it would take “some time”.

He told NBC: “Some of the systems that aren’t recovering, we’re working with them, so it could be some time for some systems that just automatically won’t recover, but it is our mission to make sure that every customer is fully recovered and we’re not going to relent until we get every customer back to where they were and we’ll continue to protect them and keep the bad guys out of their systems.”

Cybersecurity experts said it is good news that the issue has only impacted Windows users and a fix having been deployed should mean larger IT departments can quickly begin restoring services, while Microsoft deputy chief information security officer Ann Johnson said they could not predict how long it would take to get all customers back online.

Signs of disruption are likely to remain into the weekend with the National Pharmacy Association warning pharmacy services are likely to see delays as outlets deal with a backlog of medicine deliveries while airports across the UK stressed that passengers should check with airlines for any delays or cancellations before travelling over the weekend.

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in