A flawed software update from a cybersecurity vendor Crowdstrike innumerable disabled Microsoft Windows computers around the world today, disrupting everything from aviation and financial institutions to hospitals and online businesses. Crowdstrike said a fix has been deployed, but experts say recovery from the outage may take time, as Crowdstrike’s solution needs to be manually applied to each device.
A photo taken at San Jose International Airport today shows the dreaded Microsoft “Blue Screen of Death” across the board. Credit: Twitter.com/adamdubya1990
Earlier today, a flawed update sent out by Crowdstrike began causing Windows machines running the software to display the dreaded “Blue Screen of Death,” rendering those programs temporarily unusable. Like most security software, Crowdstrike needs deep hooks into the Windows operating system to protect digital entrants, and in that area a small coding error can quickly lead to catastrophic results.
In a post on Twitter/X, Crowdstrike CEO George Kurtz he said an update to fix the coding bug had been sent, and that Mac and Linux systems were not affected.
“This is not a security incident or cyberattack,” Kurtz said on Twitter, echoing a statement written by Crowdstrike. “The issue has been identified, singled out and used.”
Posting on Twitter/X, Crowdstrike’s director of threat hunting operations said the fix involves booting Windows into Safe Mode or Windows Recovery Environment (Windows RE), deleting the “C-00000291*.sys” file and restarting the machine.
The software snafu is likely compounded by a recent series of outages involving Microsoft Azure cloud services, The New York Times reports, though it’s not clear whether those Azure issues are related to the ill-fated Crowdstrike update.
A student shared this photo taken today at Denver International Airport. Credit: Twitter.com/jterryy07
Reaction to today’s outage was swift and ferocious on social media, which was filled with images of people in airports surrounded by computer screens displaying Microsoft’s green screen error. Many Twitter/X users accused Crowdstrike’s CEO of failing to apologize for the massive disruption, while others noted that doing so could expose the company to lawsuits.
Meanwhile, the international Windows shutdown quickly became a hot topic on Twitter/X, whose artificial intelligence bots compiled a series of humorous posts from cybersecurity experts pretending to be in their first week of work at Crowdstrike. Amazingly, Twitter/X’s AI condensed this sarcastic post into a sunny, actionable story about Crowdstrike that was promoted as the top conversation on Twitter this morning.
“Many people have recently started working at cybersecurity company Crowdstrike and have expressed excitement and pride in their new roles,” AI’s summary reads. “They shared their experience of pushing code to production on their first day and are looking forward to great results in their work.”
Today’s top story on Twitter/X, as summed up perfectly by X’s AI bots.
Matt Burgess of Wired.com writes that within health care and emergency services, various medical providers around the world have reported problems with their Windows-connected systems, sharing news on social media or on their websites.
“The US Emergency Alert System, which issues hurricane warnings, said there were various 911 outages in many states,” Burgess wrote. “Germany’s Schleswig-Holstein University Hospital said it is canceling unsafe surgery in two areas. In Israel, more than a dozen hospitals were affected, as well as pharmacies, with reports that ambulances were returned to unaffected medical organizations. “
In the United Kingdom, NHS England confirmed that appointments and patient recording systems contributed to the cuts.
“One hospital declared a ‘critical’ incident after a third-party IT system it was using was compromised,” Wired reported. “Also in the country, train operators said there were delays throughout the network, affecting many companies.”
This is a changing story. Stay tuned for updates.