Yesterday, a malicious software update from cybersecurity provider Crowdstrike rendered numerous Microsoft Windows systems inoperable worldwide, interfering with internet operations for hospitals, businesses, financial institutions, and airlines. Although experts warn that recovery from this outage may take some time, as Crowdstrike’s solution must be manually administered per machine, the company has stated that a remedy has been released.
The program started displaying the infamous “Blue Screen of Death” on Windows computers running it yesterday due to an incorrect update that Crowdstrike sent out, making those systems momentarily inoperable. Like other security software, Crowdstrike depends on extensive integration with the Windows operating system to repel cyberattacks; yet, even a minor programming mistake might have disastrous consequences in such a setting.
George Kurtz, the CEO of Crowdstrike, stated in a post on Twitter/X that Mac and Linux users are unaffected and that an update has been sent to fix the code error.
“This is not a security incident or cyberattack,” Kurtz said on Twitter, echoing a written statement by Crowdstrike. “The issue has been identified, isolated and a fix has been deployed.”
According to a tweet from Crowdstrike’s threat-hunting operations director, the solution is to restart the computer after removing the file “C-00000291*.sys” and booting Windows into Safe Mode or the Windows Recovery Environment (Windows RE).
According to The New York Times, a recent spate of failures affecting Microsoft’s Azure cloud services may have made the software problem worse. However, it’s still unclear whether these Azure issues are connected to the problematic Crowdstrike version. Revision at 4:03 p.m. ET: According to Microsoft, the problematic Crowdstrike upgrade had nothing to do with today’s Azure issues.
According to Matt Burgess at Wired, numerous medical practitioners worldwide have reported problems with Windows-linked systems, and disseminating information on social media or their websites.
“The US Emergency Alert System, which issues hurricane warnings, said that there had been various 911 outages in several states,” Burgess wrote. “Germany’s University Hospital Schleswig-Holstein said it was cancelling some nonurgent surgeries at two locations. In Israel, more than a dozen hospitals have been impacted, as well as pharmacies, with reports saying ambulances have been rerouted to nonimpacted medical organizations.”
The appointment and patient record systems in the UK have been affected by the disruptions, according to NHS England.
“One hospital has declared a ‘critical’ incident after a third-party IT system it used was impacted,” Wired reports. “Also in the country, train operators have said there are delays across the network, with multiple companies being impacted.”
People at airports with computer screens flashing the Microsoft blue screen error were the subject of intense and quick reactions on social media in response to today’s outage. Although several pointed out that the CEO of Crowdstrike might face legal action if he apologized for the extremely disruptive event, many Twitter/X users chastised the CEO for not doing so.
In the meantime, the global Windows outage swiftly emerged as the most discussed topic on Twitter/X, where a collection of satirical postings from cybersecurity experts posing as first-week employees at Crowdstrike was compiled by artificial intelligence bots. Amazingly, Twitter/X’s AI condensed these caustic tweets into a positive, upbeat narrative about Crowdstrike, which was trending as the top topic on Twitter this morning.
“Several individuals have recently started working at the cybersecurity firm Crowdstrike and have expressed their excitement and pride in their new roles,” the AI summary read. “They have shared their experiences of pushing code to production on their first day and are looking forward to positive outcomes in their work.”