An update from a cybersecurity firm CrowdStrike caused a significant IT outage on Friday, impacting businesses world wide.
CrowdStrike told NBC that it was within the technique of rolling back the update that caused the difficulty and later announced that a fix for the defect had been deployed.
“CrowdStrike is actively working with customers affected by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not affected,” said CEO George Kurtz in a Statement on X .
“This is not a security incident or cyberattack. The issue has been identified, isolated, and a fix has been deployed.”
He added that customers should check the support portal for the newest updates and interact with their CrowdStrike representatives through official channels.
Railroad Union Pacific is now back to full capacity after processing delays and “various impacts” occurred on Friday morning.
“The majority of our customers' freight is in transit and full flow has returned to our network following the CrowdStrike software outage this morning,” Union Pacific told CNBC. “In response to the outage, our teams quickly implemented protocols and communications plans that enabled us to maintain our trains running safely.”
–Ece Yildirim
” Publisher = “[object Object]” about=”
CNBC's live blog on the IT outage affecting businesses worldwide is now closed.
” featured content = “
Companies around the world were struggling with a sustained, massive IT outage on Friday. Financial services and medical practices were disrupted, while some television stations went offline. Air traffic was hit particularly hard: planes remained on the ground, flights were delayed and airports issued notices to their passengers.
The outage came as the cybersecurity giant CrowdStrike experienced a significant disruption early Friday due to a problem with a recent technical update.
George Kurtz, CEO of CrowdStrike, has since said the company is “actively working with customers affected by a defect present in a single content update for Windows hosts,” stressing that Mac and Linux hosts should not affected.
“This is not a security incident or cyberattack. The issue has been identified, isolated, and a fix has been deployed.” he said on social media.
One expert said it could possibly be the “biggest IT failure in history.”
Separately, Microsoft Cloud services have been restored after an outage, the company said on Friday, although many users continued to report problems.
CrowdStrike shares closed down 11%.
Read more:
How a software update from cyber company CrowdStrike caused one of the world's largest IT blackouts
Flights cancelled, passengers face delays due to global IT outages
CrowdStrike shares fall after massive outage hits companies worldwide
Microsoft and CrowdStrike IT outage impacts global supply chains, air freight takes days or weeks to recover
Global technology outage hits financial services firms including Charles Schwab
“Coverage End Date=”2024-07-20T01:00:00+0000” Relationship=”[object Object]”>
Kurtz apologized to those affected in an interview on NBC's “TODAY” program early Friday.
“First, I want to say that we are deeply sorry for the impact we have caused to our customers, to travelers and to everyone affected, including our company,” he said.
“An update was sent to the system, and that update had a software bug and caused a problem with the Microsoft operating system. And now we're working with each and every customer to make sure we can get them back online.”
Kurtz added that the update was normal and part of the company's routine process to prevent security risks, but noted that an investigation is needed to find out what went wrong.
The confirmation came after numerous reports of technical problems. Microsoft Users around the world are faced with an error screen known as the “Blue Screen of Death.”
CrowdStrike shares fell about 11% on Friday, while Microsoft shares were little modified.
“A major failure”
The numerous companies affected included airlines, hospitals and financial services providers.
American Airlines which describes itself as the world's largest, said a technology problem was affecting “several airlines,” including American, while the Dutch arm of Air France-KLM said it was “forced to suspend most” of its operations.
In the UK, the Royal Surrey Hospital declared a “Catastrophe” and had to temporarily suspend X-ray treatment. The National Health Service in England, meanwhile, announced that there had been disruptions in most doctor's offices.
Banks and financial firms around the world have reported problems. German insurance giant Allianz said it had “experienced a significant outage that affected employees' ability to log into their computers. Several corporations have been affected along with Allianz.”
NBCUniversal is also affected by the CrowdStrike outage.
'unprecedented'
Satnam Narang, principal researcher at Tenable, told CNBC on Friday that the outage had “profound implications” and was unique in its size and scope.
“The challenge is that security software – since it does its job of protecting organizations – must have more privileged access to those machines,” he said.
“So… while people might even see this as a Windows error, they see just a little blue screen pop up, it's probably not a Windows problem, but is expounded to a faulty or bad update of this security software.”
Narang added: “We have never seen anything like this before, it is absolutely unprecedented.”
Omer Grossman, CIO of cybersecurity company CyberArk, said the damage caused by this outage will be “dramatic.”
“The flaw is on account of a software update to CrowdStrike's EDR product. This is a product that runs with high privileges and protects endpoints. A malfunction in it may cause the operating system to crash, as we’re seeing in the present incident,” he said in an emailed comment.
According to Grossman, it will not be easy to get back online.
“It seems that the endpoints have crashed – the Blue Screen of Death – and can’t be updated remotely. Therefore, the issue should be resolved manually, endpoint by endpoint. This process is anticipated to take several days,” he added.
