Numerous companies globally, including airlines and broadcasters, have been disrupted by a massive Microsoft Windows BSOD (blue screen of death) outage. This widespread problem arose from a faulty update by the security firm CrowdStrike, which caused PCs and servers to enter an unrecoverable boot loop.
Though the problematic update has been rolled back and some services, such as airlines and hospitals, began to recover by midday in the US, many systems remain impacted.
CrowdStrike acknowledged the issue in a Reddit post, noting widespread BSOD reports on Windows hosts across various sensor versions. They identified the cause as a content deployment issue and have since reverted the changes.
CrowdStrike provided a workaround that involves booting Windows into Safe Mode and removing a specific driver. CEO George Kurtz apologized for the disruption on the Today show, expressing regret for its global impact.
The outage had significant repercussions, grounding flights for airlines such as Delta and Frontier, and affecting UK broadcaster Sky and the London Stock Exchange. Thousands of US flights were canceled, with FlightAware reporting over 2,500 cancellations by mid-afternoon. Although recovery efforts were underway, the process was slow and incomplete.
US Transportation Secretary Pete Buttigieg instructed airlines to treat the situation as a self-inflicted failure, meaning they had to cover costs for affected travelers. This prompted a policy reversal from United Airlines.
IT professionals worldwide faced challenges in addressing the widespread disruption. Many Reddit users, including IT managers from countries like Australia, Malaysia, and Japan, shared their struggles. One user likened the situation to a catastrophic event, with half of their organization down due to the BSOD loop. Others described the difficulty of assisting non-technical users in booting their machines into Safe Mode to apply the workaround.
The issue also affected US court systems, leading to postponed cases, including Harvey Weinstein’s trial, and disrupted hospital operations, delaying surgeries and other medical procedures. CrowdStrike’s key product, Falcon, which provides real-time threat protection, was likely the cause of the incident.
Compounding the problem, Microsoft faced a separate outage with its Azure services and Microsoft 365 apps, further complicating the situation for affected users. CrowdStrike's CEO confirmed the problem was due to a defect in a content update, not a security incident or cyberattack, and stated that a fix had been deployed, although it was unclear whether this would resolve issues for machines already in a boot loop.