Windows Blue Screen of Death crisis: what we know so far

Businesses across the globe are being affected by a serious issue caused by what appears to be a faulty security update from CrowdStrike which is causing Windows machines to encounter the dreaded Blue Screen of Death (BSOD) – and that’s having a major knock-on effect where airlines, online services and even TV channels are failing.

Obviously, this has caused a huge amount of concern around the world. The issue was first noticed by Australian businesses as computers running Windows went offline, and the issue is now being detected in Europe. 

Sky News in the UK went down for a while, and popular airline Ryanair has posted that “We’re currently experiencing disruption across the network due to a Global 3rd party IT outage, which is entirely out of our control. Booking and check-in are currently unavailable.” Ryanair recommends that people who are due to travel today check in at the airport, rather than trying to do so online.

We have a live blog collecting all the developing news as it hits, and we’ll be updating this page with everything we know about the issue and how it might affect you.

This story is developing

What’s happening?

Millions of companies around the world rely on Windows PCs, and in the early hours of July 19, widespread reports started coming in that many of these PCs that major companies use were encountering ‘blue screen of death’ errors, taking services and systems offline.

For anyone who has used a Windows PC over the past 40 years, you’ll know that a blue screen of death (BSOD) error can be pretty nasty – it essentially forces the computer to stop what it’s doing and the only thing you can do is reboot the PC and hope that the problem doesn’t occur again. If it does, then the PC is in a pretty bad shape, and you’ll need to do some troubleshooting to try to fix the BSOD error.

This can be extremely frustrating for individuals who find their Windows 11 PC or laptop can no longer run – but when the PCs used by hospitals, airlines and banks start getting affected, things can get really bad. Unfortunately, that seems to be the case here.


Who is affected?

So, who is affected by this BSOD outage? So far it looks like a heck of a lot – with major businesses around the globe getting hit – and that means thousands, if not millions, of customers, patients and anyone relying on these services will be affected.

This could mean hospital appointments are cancelled, or trains or airplanes delayed. The knock-on effect could be very severe.

So far, it doesn’t seem like personal Windows 11 PCs are being affected – I’m writing this news story on one, and so far it seems fine. These are the companies and institutions that have confirmed they are affected so far:

  • Microsoft
  • Microsoft 365
  • BetMGM
  • Amazon
  • Visa
  • Sainsbury’s
  • Tesco
  • Ryanair
  • Waitrose (UK)
  • Morrisons (UK)
  • Wetherspoons (UK)
  • Waterstones (UK)
  • Sky News UK (back on air)
  • BT
  • Ladbrokes
  • Santander
  • Nationwide
  • Royal Mail
  • Southern Rail (UK)
  • Swiss International Air Lines
  • National Pharmacy Association (UK)
  • Schleswig-Holstein university hospital (Germany)
  • Berlin BER airport
  • KLM
  • Delta (US)
  • United (US)
  • American Airlines (US)
  • IndiGo (India)
  • NHS (UK)

Why has this happened?

We’re still not entirely sure what has caused this, but it appears to be affecting Windows devices used by businesses.

Early reports suggest that cyber security firm CrowdStrike may be to blame by pushing out a security update for its product that features a bug.

In a message on its customer support website, CrowdStrike says “We have widespread reports of BSODs on Windows hosts, occurring on multiple sensor versions.”

George Kurtz, CEO of CrowdStrike (I don’t envy his job today), has released a statement on X:

In the statement, Kurtz says that a defect has been found “in a single content update for Windows hosts,” and that Mac and Linux devices are not impacted.

He goes on to say that “this is not a security incident or cyberattack.”

If you want to find out more about CrowdStrike, and why its product appears to have brought down so many systems across the world, then check out our What is CrowdStrike and how did it crash so many business computers? explainer.

When will it be fixed?

It could take a while to sort this mess out, but CrowdStrike has said it has identified a “content deployment related to this issue and reverted those changes.” This supports the theory that it was caused by a bug in an update – and we’re pretty sure there is going to be a lot of pressure on CrowdStrike employees to come up with a fix, as well as IT admins for businesses across the globe.

Meanwhile, Microsoft has confirmed with Tom Warren of the Verge that it is aware of the issue and that it expects a fix soon.

So, we don’t have a clear idea of how long this will last, but CrowdStrike has issued workaround steps for anybody experiencing this problem:

  1. Boot Windows into Safe Mode or the Windows Recovery Environment
  2. Navigate to the C:\Windows\System32\drivers\CrowdStrike directory
  3. Locate the file matching “C-00000291*.sys”, and delete it
  4. Boot the host normally
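
For admins who have to repeat steps 2 and 3 on many machines, the following is an added example and not CrowdStrike's own tooling. It assumes the host has already been booted into Safe Mode with an elevated PowerShell prompt available; the function name `Remove-C291File` is hypothetical, and the directory and file pattern are the ones quoted in the steps above.

```powershell
# Added example (not from CrowdStrike): automates steps 2 and 3 of the workaround.
# Assumes Safe Mode and an elevated PowerShell prompt. Function name is hypothetical.
function Remove-C291File {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        # Step 2: the CrowdStrike driver directory, built from the real Windows root
        # so it still resolves if Windows is not installed under C:\Windows.
        [string]$Directory = (Join-Path $env:SystemRoot 'System32\drivers\CrowdStrike'),
        # Step 3: the file pattern given in the workaround.
        [string]$Pattern = 'C-00000291*.sys'
    )

    if (-not (Test-Path -LiteralPath $Directory -PathType Container)) {
        Write-Warning "Directory not found: $Directory. Nothing to remove on this host."
        return
    }

    # -File skips directories; only names matching the pattern are touched.
    $targets = @(Get-ChildItem -LiteralPath $Directory -Filter $Pattern -File -ErrorAction Stop)
    if ($targets.Count -eq 0) {
        Write-Output "No file matching $Pattern in $Directory."
        return
    }

    foreach ($file in $targets) {
        # Log what is about to be removed so there is a record per host.
        Write-Output ("Found {0} ({1} bytes, modified {2:u})" -f `
            $file.FullName, $file.Length, $file.LastWriteTimeUtc)
        # Honors -WhatIf and -Confirm, so a dry run deletes nothing.
        if ($PSCmdlet.ShouldProcess($file.FullName, 'Delete')) {
            Remove-Item -LiteralPath $file.FullName -Force -ErrorAction Stop
        }
    }

    # Confirm the result before moving on to step 4 (normal boot).
    $left = @(Get-ChildItem -LiteralPath $Directory -Filter $Pattern -File)
    if ($left.Count -gt 0) {
        Write-Warning "$($left.Count) matching file(s) still present in $Directory."
    } else {
        Write-Output "No matching files remain. The host can be rebooted normally."
    }
}

# Dry run: lists what would be deleted. Remove -WhatIf to perform the deletion.
Remove-C291File -WhatIf
```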

So there’s good news that the major companies at the source of this problem, Microsoft and CrowdStrike, appear to have an idea of what the issue is and are working on a fix.

However, that fix could still take a while to create – and it will then need to be rolled out to potentially millions of PCs around the world. This could be particularly difficult to do if the PCs are stuck on a BSOD loop – which essentially means that a PC encounters a Blue Screen of Death, but when it is restarted, the Blue Screen of Death reappears instantly.

The workaround is welcome, but that could prove to be very time consuming to implement, especially because it requires booting into Safe Mode and manually finding a file and deleting it. For one PC, that might not be too much of an ordeal, but for organizations with hundreds of PCs, that’s going to be a real nightmare.

George Kurtz, CEO of CrowdStrike, has made a statement on X, where he says that “the issue has been identified, isolated and a fix has been deployed. We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website.”

Those hoping that this will prove to be a quick fix may be disappointed. Tom Kidwell, Co-founder, Ecliptic Dynamics and former British Army and UK Government intelligence specialist, got in touch to say that “The outage impacting Windows devices this morning appears to have been caused by a driver update by CrowdStrike, bricking older windows devices and servers, which will be worst hit. Unfortunately for CrowdStrike, if that is the case, it could be nauseating to fix. Due to the nature of the update, an individual from every organisation will need to boot into safe mode, remove the issue file/driver, and then either roll back or update to a new version, something CrowdStrike will need to release very quickly.”
