A bug in a CrowdStrike update caused a major disruption to Windows computers in the United States, United Kingdom, Australia, South Africa and other countries, the cloud security company announced Friday. Emergency services, airports and law enforcement reported ongoing downtime.
“This is not a security incident or a cyberattack,” CrowdStrike said in a statement.
Blue Screen of Death has become widespread due to CrowdStrike service outage
Affected organizations saw the infamous Blue Screen of Death, the Windows system crash alert. According to The Verge, the issue originated with an update to a kernel-level driver used to connect CrowdStrike to Windows PCs and servers.
American Airlines, United and Delta flights were delayed Friday morning due to a problem affecting the airlines' computer systems. British media outlet Sky News reported its own television signal outage early Friday. New Hampshire's emergency services department reported it was back online after 911 services were disrupted early Friday.
“The issue has been identified, isolated, and a fix has been implemented,” CrowdStrike said Friday. However, outages are still being reported on some machines that were initially affected.
Microsoft 365 reported a service degradation warning on Friday morning, but this appears to be a separate incident.
According to data emailed to TechRepublic by Gartner, CrowdStrike generated 14.74% of total security software revenue across segments and regions in 2023. Microsoft generated 40.16%.
SEE: Downtime costs the world's largest companies $400 billion a year, according to Splunk.
What steps can businesses take if they are affected by the CrowdStrike service disruption?
CrowdStrike recommends that its customers stay in touch with CrowdStrike representatives. Organizations, even those not directly impacted, should check with their SaaS partners to see if they may be experiencing issues.
Because this issue affected so many different organizations, this might be a good time to evaluate your organization's dependence on a vendor or service, as well as ensure your organization has a robust recovery process in place.
This article will be updated as more information becomes available.