The outage that continued to snarl systems from airports to stock exchanges Friday morning started when it struck users of Microsoft’s Windows operating system late Thursday (July 18) and early Friday (July 19) and was caused by cybersecurity firm CrowdStrike’s software update, CrowdStrike CEO George Kurtz said in a Friday post on X.
“CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts,” Kurtz said in the post. “Mac and Linux hosts are not impacted. This is not a security incident or cyberattack.”
The company identified and isolated the issue, deployed a fix and referred customers to its support portal for further updates, he added. As networks and business systems struggled to get online, the firm then updated that fix at 9:22 AM and admitted that the issue had not been fixed. “We are working hard to provide comprehensive and continuous updates with our global customers as quickly as possible,” it said and noted that the company was aware of continued crashes on Windows hosts related to the “Falcon Sensor.”
“Falcon is what is known as an Endpoint Detection and Response platform, which monitors the computers that it is installed on to detect intrusions (i.e., hacks) and respond to them,” said Toby Murray, an associate professor at the University of Melbourne’s School of Computing and Information Systems, in a statement distributed by the Australian Science Media Centre. “That means that Falcon is a pretty privileged piece of software in that it is able to influence how the computers it is installed on behave.”
“We further recommend organizations ensure they’re communicating with CrowdStrike representatives through official channels,” Kurtz said. “Our team is fully mobilized to ensure the security and stability of CrowdStrike customers.”
Microsoft said it was “aware of an issue affecting Windows devices due to an update from a third-party software platform,” Bloomberg reported Friday.
The firm noted the problem and offered a solution on an Azure status page.
“We have been made aware of an issue impacting Virtual Machines running Windows Client and Windows Server, running the CrowdStrike Falcon agent, which may encounter a bug check (BSOD) and get stuck in a restarting state. We approximate impact started at around 19:00 UTC on the 18th of July,” Microsoft said on the page.
The outage caused by the update disrupted computer systems at businesses and public services around the world, including corporations, airlines and stock exchange operators, according to the Bloomberg report.
“This is unprecedented. The economic impact is going to be huge,” Alan Woodward, professor of cybersecurity at Surrey University, told Bloomberg.
The outage grounded flights,disrupted banks and financial services, and knocked doctors’ booking services offline, Reuters reportedFriday.
“This is a very, very uncomfortableillustration of the fragility of the world’s core Internet structure,” Ciaran Martin, professor at Oxford University’s Blavatnik School of Government, told Reuters.
CrowdStrike software is used by over half of Fortune 500 companies, the report said, citing a promotional video from the firm.
This incident began on the same day that Swift suffered an outage that affected customers like the Bank of England and the European Central Bank. The outage lasted for several hours Thursday and disrupted high-value transactions across Europe.