Is Microsoft outage fixed? CrowdStrike deploys fix, but CEO warns 'could take some time' to return to normal
CROWDSTRIKE PRESS OFFICE
A botched update from antivirus firm CrowdStrike has wreaked havoc on IT infrastructure around the world, grounding flights, causing chaos with budget airlines Ryanair and Wizz Air, leaving banks and businesses unable to accept payment, and cutting off Sky News during a broadcast.
The outage is also “causing disruption in the majority of GP practices” in England. The NHS said patients should attend appointments unless told otherwise and should only contact their GP in urgent cases.
If you're wondering what is CrowdStrike, then we have an in-depth explainer about the Texas-based firm. But when will the global IT outage be resolved?
Unfortunately, this is not going to be a quick fix.
CrowdStrike Chief Executive George Kurtz has provided some fresh details about the issue, confirming that it was caused by “defect in a single content update for Windows hosts” — in short, a glitch in a software update rolled out to customers using Windows 10 or Windows 11.
It's that glitch within the code that's caused millions of PCs to display the so-called Blue Screen of Death (BSOD), rendering them unusable. Businesses, online services, and institutions around the world reliant on these Windows PCs to power their infrastructure collapsed — taking their online services offline.
When asked about a timeline, CrowdStrike CEO George Kurtz warned that while some systems are already back online, others "automatically won't recover" and that a fix for every affected PC "could take some time".
Speaking exclusively with NBC, Mr Kurtz said: "We're deeply sorry for the impact we've caused to customers, to travellers, to anyone affected by this".
CrowdStrike executive George Kurtz reassured the outage isn't the result of a “security incident or cyberattack", and that the problem had been “identified” and “isolated” and a “fix has been deployed”. So, now that CrowdStrike has finalised a fix for the worldwide outage, when will everything come back online?
Unfortunately, it could be a while.
Given the vast scale of devices and businesses impacted by the CrowdStrike outage, it'll take several days for every impacted computer to be fixed and returned to normal use, particularly at smaller companies with fewer resources. The nature of the issue is also likely to slow down that process.
Since the error in the CrowdStrike 'Falcon' sensor has left Windows 10 and Windows 11 PCs stuck on the Blue Screen of Death error screen, these machines will not be able to update automatically as they're not connected to the internet.
As such, applying the fix from CrowdStrike promises to be a long and arduous process.
According to some security experts, applying the fix will likely require a human visit to every affected PC.
To explain that recovery point - you have to go to a server or PC, boot it in safe mode at the console, log in as admin, then basically hack the system to get it back online. You can't automate that.. so this is going to be incredibly painful for Crowdstrike customers.
— Kevin Beaumont (@GossiTheDog) July 19, 2024
This could take days or even weeks as IT experts work on every cash point, supermarket checkout, airport departure board, and more. One post on X, formerly Twitter, summarised the issue succinctly: "Just to be clear, fixing this CrowdStrike issue will require basically a human visit to every machine.
"Some of the machines will not be able to get into the recovery environment, and require a USB stick boot. Centrally fixing this is not possible it happens before anything loads."
Security expert Kevin Beaumont added in a separate post on X: "To explain that recovery point - you have to go to a server or PC, boot it in safe mode at the console, log in as admin, then basically hack the system to get it back online. You can't automate that.. so this is going to be incredibly painful for Crowdstrike customers."
It's tough to estimate how long that will take, but needless to say, the CrowdStrike outage is an entirely different scale what we've seen before. When a popular website goes offline because of an issue with its code or servers, everyone is able to access it as soon as the company has resolved the bug.
Although CrowdStrikes says it's already deployed a fix, IT professionals will need to take action before these changes take effect. At the very least, signs of disruption will likely remain all day Friday and into the weekend. For smaller firms with a shortage of IT staff, it could continue into next week.
Calvin Gan, who works as a Scam Protection Strategy Senior Manager at Finnish security firm F-Secure, told GB News: "While CrowdStrike has provided a fix for devices which had not previously received the faulty update, machines that were impacted will need to have the faulty file manually removed in Windows Safe Mode and deleted before they’re able to be used.
"Incidents such as these, which can cause a global ripple effect, provide a stark reminder for companies to continuously plan and iterate a robust business continuity and disaster recovery plan.
"No one company can predict nor is immune to incidents such as these. And when these do occur, it becomes a question on how fast companies can recover and resume operation, especially for critical services that ultimately impact the everyday person."
Microsoft might be able to help with an update to its Windows operating system. A spokesperson at the company confirmed that it's working on a patch to help.
"We are aware of an issue affecting Windows devices due to an update from a third-party software platform," the US software giant said. "We anticipate a resolution is forthcoming."
CrowdStrike has urged customers to check its support portal for updates and assistance. Chief Executive George Kurtz says the Texas firm is "actively working with customers" to resolve the issue.
According to cybersecurity experts, the good news is that CrowdStrike's botched update only impacts PCs running on the Windows operating system. CrowdStrike confirmed Apple Mac and Linux users were unaffected – and a fix having been deployed should mean larger IT departments can quickly begin restoring services.
Meanwhile, until the fix is successfully applied to all Windows machines impacted by the Blue Screen of Death, chaos continues across the globe.
In the last few hours, the National Pharmacy Association said “services in community pharmacies, including the accessing of prescriptions from GPs and medicine deliveries, are disrupted today”.
Sky News was briefly knocked off air and was then broadcasting at a reduced capacity, while many retailers reported issues with taking digital payments, with banks and the London Stock Exchange also reporting issues, although trading has continued.
At airports around the world, airlines reported being unable to process passengers and resorted to manually checking in customers. Some recommended passengers should not attempt to check in bags, and large queues formed at airports across the UK. Train services were also disrupted with ticketing services at some stations impacted.