July 23, 2024 By Josh Nadeau 3 min read

On Friday, July 19, 2024, nearly 8.5 million Microsoft devices were affected by a faulty system update, causing a major outage of businesses and services worldwide. This equates to nearly 1% of all Microsoft systems globally and has led to significant disruptions to airlines, police departments, banks, hospitals, emergency call centers and hundreds of thousands of other private and public businesses.

What caused this outage in Microsoft systems?

The global outage of specific Microsoft-enabled systems and servers was traced to a faulty software update released by CrowdStrike, one of the largest independent cybersecurity companies with nearly 30,000 subscribers worldwide.

With the majority of these subscribers automatically pushing new security updates as they become available, all impacted systems were put into a BSOD (Blue Screen of Death) state. This triggered an infinite boot cycle: the operating system attempted to restart, encountered the same error and repeated the process indefinitely, leaving the systems unable to boot correctly.

On July 19, CrowdStrike’s CEO George Kurtz announced on X that the company is “actively working with customers impacted by a defect found in a single content update for Windows hosts.” He also confirmed that “This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed.”

What has been the aftermath of this incident?

Even though this CrowdStrike event only affected less than 1% of all Microsoft-enabled systems, the aftermath so far has been significant.

One of the largest industries impacted by the major outages caused by this faulty update has been air travel. On Friday, more than 3,300 flights had already been canceled around the globe. In the United States, three major airlines (Delta, American and United) all grounded their flights for several hours, causing a significant backlog of customer and commercial travel. Airports in Tokyo, Amsterdam and Delhi were also impacted, and the disruption created major issues in other international locations.

Banking institutions were also significantly disrupted by system outages that impacted everything from ATMs to mobile banking applications and call centers. Even more critical has been the impact on essential emergency services such as hospitals and 911 dispatch teams.

Massachusetts General Hospital released the following statement regarding the impact of the outage on its operations: “A major worldwide software outage has affected many of our systems at Mass General Brigham, as well as many major businesses across the country. Due to the severity of this issue, all previously scheduled non-urgent surgeries, procedures and medical visits are canceled today.”

The ongoing aftermath of this situation has demonstrated how reliant we are on an interconnected ecosystem of technology and services.

How is this issue being resolved?

As George Kurtz mentioned in his statement on X, CrowdStrike has already fixed the issue on its end and is actively working with its customers to fully resolve the problem. However, in an interview on the TODAY show on NBC, he also stated, “It could be some time for some systems that just automatically won’t recover.”

Many IT experts agree with this statement and claim it could take several days for larger organizations to get their systems back to normal operation. The problem lies in the BSOD issues that are being created. This means that while CrowdStrike has “pushed” an automatic update to users on its end, many customers will be unable to fully reboot their systems and so won’t be able to receive and install the update.

CrowdStrike has published manual remediation actions for IT administrators to follow in the event they can’t see an automatic recovery from the issue. These actions involve booting an operating system into “safe mode,” making modifications to the installed drivers and rebooting again safely.

While the company has been clear that it has a permanent fix for this issue, it will take time for IT administrators to gain manual access to remote servers and systems running Microsoft operating systems so they’re able to address these issues.

Unfortunately, the damage has already been done. The ripple effects of this event continue to spread, with early estimates of the total associated losses nearing $1 billion.

Get IBM support updates here. If you are experiencing cybersecurity issues or an incident, contact IBM X-Force to help: US hotline 1-888-241-9812 | Global hotline (+001) 312-212-8034.
