UPDATED 6:48 A.M.
(Reuters) – A software update wreaked havoc on computer systems globally on Friday, grounding flights, forcing some broadcasters off air and hitting services from banking to healthcare.
An update to a product offered by global cybersecurity firm CrowdStrike appeared to be the trigger, affecting customers using Microsoft’s Windows Operating System. Microsoft said later on Friday the issue had been fixed.
CrowdStrike CEO George Kurtz said on social media platform X that the company was “actively working with customers impacted by a defect found in a single content update for Windows hosts” and that a fix was being deployed.
“This is not a security incident or cyberattack,” Kurtz said in the post.
Early on Friday, major U.S. airlines – American Airlines, Delta Airlines and United Airlines – grounded flights, while other carriers and airports around the world reported delays and disruptions.
Banks and financial services companies from Australia to India and Germany warned customers of disruptions and traders across markets spoke of problems with executing transaction.
“We are having the mother of all global market outages,” one trader said.
In Britain, booking systems used by doctors were offline, multiple reports posted on X by medical officials said, while Sky News, one of the country’s major news broadcasters was off air, apologizing for being unable to transmit live, and soccer club Manchester United said on X that it had to postpone a scheduled release of tickets.
Microsoft’s cloud unit Azure said it was aware of the issue that impacted virtual machines running Windows OS and the CrowdStrike Falcon agent getting stuck in a “restarting state,” amid an ongoing global outage.
“We’re aware of an issue affecting Windows devices due to an update from a third-party software platform. We anticipate a resolution is forthcoming,” a Microsoft spokesperson said.
In an alert to clients issued at 0530 GMT on Friday, CrowdStrike said its “Falcon Sensor” software was causing Microsoft Windows to crash and display a blue screen, known informally as the “Blue Screen of Death”. It also shared a manual workaround to rectify the issue.
Over half of Fortune 500 companies used CrowdStrike software, the U.S. firm said in a promotional video this year.
“This is a a very, very uncomfortable illustration of the fragility of the world’s core Internet infrastructure,” said Ciaran Martin, Professor at Oxford University’s Blavatnik School of Government and former head of the UK National Cyber Security Centre.
The outages rippled far and wide.
Airports in Singapore, Hong Kong and India said the outage meant some airlines were having to check in passengers manually.
Amsterdam’s Schiphol Airport, one of Europe’s busiest, said it was affected, while airline Iberia said it had been operating manually at airports until its electronic check-in counters and online check-ins were reactivated. It said there had been some delays but no flight cancellations.
Air France-KLM said its operations were disrupted.
The Dutch foreign affairs ministry told Dutch press agency ANP it had been affected. A spokesperson was not immediately available for comment.
While there were reports of companies gradually restoring their services, analysts weighed the potential of what one called the biggest ever outage in the industry and the broader economy.
“IT security tools are all designed to ensure that companies can continue to operate in the worst-case scenario of a data breach, so to be the root cause of a global IT outage is an unmitigated disaster,” said Ajay Unni, CEO of StickmanCyber, one of Australia’s largest cybersecurity services companies.
(Reporting by Reuters bureaus; Writing by Tomasz Janowski; Editing by Emelia Sithole-Matarise)
EDINBURGH/LONDON/SEOUL (Reuters) – Air passengers around the world faced delays, cancellations and problems checking in as airports and airlines were caught up in a massive IT outage that also affected industries ranging from banks to media companies.
In Edinburgh, a Reuters witness said boarding pass scanners carried a “server offline message”, with the airport saying passengers shouldn’t travel to the airport without checking their flight status online first.
Elsewhere, airports and airlines advised customers to arrive earlier than normal for flights. Analysts said the outage was likely tied to a glitch in Microsoft software used globally.
Microsoft said users might be unable to access various Office 365 apps and services due to a “configuration change in a portion of our Azure-backed workloads”.
Hong Kong International Airport said a Microsoft outage was affecting several airlines and it had switched to manual check-in, but flight operations had not been affected.
Singapore’s Changi airport also said check-ins were being handled manually.
According to an alert sent by Crowdstrike to its clients and reviewed by Reuters, the company’s “Falcon Sensor” software is causing Microsoft Windows to crash and display a blue screen, known informally as the “Blue Screen of Death”.
The alert, sent at 0530 GMT on Friday, also shared a manual workaround to rectify the issue. A Crowdstrike spokesperson did not respond to emails or calls requesting comment.
The aviation sector is hit particularly hard due to its sensitivity to timings. Airlines rely on a closely coordinated schedule often run by air traffic control. Just one delay of a few minutes can throw off a flight schedule for take-offs and landings for an airport and airline for the rest of the day.
Airlines across the United States, Asia and Europe, including major carriers such as Ryanair, Delta and Air India, said they had either faced delays or disruption.
Several U.S. carriers including American Airlines, United Airlines and Delta Airlines issued ground stops for all their flights early on Friday due to communication problems, according to the U.S. Federal Aviation Administration.
In Europe, Schiphol airport, Berlin airport, London Gatwick, Edinburgh airport and others said they were impacted by the outage.
“We expect longer waiting times and some flight cancellations. Not all airports in Europe were impacted as the issue is linked with a specific OS, Microsoft Azure,” said Agata Lyznik, a spokesperson for airports group ACI Europe.
Some airlines said they were already back online, with Spanish carrier Iberia saying it had managed to avoid flight cancellations.
“From 9:25 a.m. onwards the electronic check-in counters and online check-ins were reactivated. There have been some delays,” a spokesperson said.
(Reporting by Reuters bureaux, James Pearson in London; Writing by Joanna Plucinska; Editing by Mark Potter)
Comments