Businesses and services worldwide are gradually recovering from a significant IT outage that disrupted computer systems for hours on Thursday and Friday. The outage, caused by a faulty software update from cybersecurity firm CrowdStrike, affected Microsoft Windows systems, impacting businesses, banks, hospitals, and airlines.
CrowdStrike’s CEO apologized for the disruption and announced that a fix had been issued, though he admitted that full system restoration could take some time. Airlines are beginning to resume normal operations after thousands of flights were canceled, but some delays and cancellations are expected to persist through the weekend. Many businesses are also dealing with backlogs and missed orders that may take days to resolve.
Health services in Britain, Israel, and Germany were also affected, leading to some canceled operations. The global disruption has raised concerns about the vulnerability of interconnected technologies and the potential widespread impact of a single software glitch.
The issue began at 19:00 GMT on Thursday and affected Windows users running CrowdStrike Falcon cybersecurity software. The full extent of the problem became clear by Friday morning. By Friday evening, issues were easing in many parts of the world, with many airports reporting improvements in check-in and payment systems. Hong Kong International Airport, for example, resumed normal operations.
JP Morgan Chase, the largest bank in the US, is working to restore service to ATM machines. Downdetector, a site that monitors tech issues, showed fewer problems in the UK by the end of the day.
CrowdStrike CEO George Kurtz stated on X that a defect was found “in a single content update for Windows hosts.” He apologized for the impact and noted that many customers were rebooting their systems, which should become operational after several reboots. However, some systems may not automatically recover, requiring additional efforts to ensure full recovery.
Microsoft indicated that multiple reboots might be necessary, with some users reporting up to 15 reboots to resolve the issue. Tech experts mentioned that CrowdStrike’s fix would need to be applied separately to each affected device.
The incident has sparked questions about CrowdStrike’s influence as a major player in the cybersecurity market and the risks of having such a critical part of the industry controlled by a small number of companies. CrowdStrike’s shares fell by around 12% on Friday, benefiting rivals SentinelOne and Palo Alto Networks.
The problems were first noticed in Australia and significantly impacted the air travel industry. Airports experienced delays, with long queues, canceled or delayed flights, grounded aircraft, and stranded passengers. Some airports had to bring in extra staff to manually check in passengers.
By 18:00 GMT on Friday, aviation data from Cirium indicated that more than 4,000 flights, or 3.9% of the total, had been canceled, although this figure may include flights canceled for other reasons.