A defective software update in CrowdStrike Falcon Sensor caused Windows computer systems to crash across the globe, leading to massive disruptions of critical functions across multiple industries.
The outage forced major commercial airlines, including Delta, American and United, to halt flights across the globe, disrupted certain operations at major broadcast networks and impacted commercial bank operations.
CrowdStrike CEO George Kurtz apologized for the incident and said in an updated statement that a fix had been deployed to resolve an issue with a Falcon content update.
“We understand the gravity of the situation and are deeply sorry for the inconvenience and disruption,” Kurtz said in the emailed statement. “We are working with all impacted customers to ensure that systems are back up and they can deliver the services their customers are counting on.”
As details of the outage unfolded, Kurtz was quick to say the incident was not related to a cyberattack or other security incident, and that the issue had been identified and isolated and a fix had been deployed.
Microsoft warned that Microsoft 365 users would not be able to access various applications and services, according to a status update.
However, the company said it was applying mitigation steps to improve the ability of Microsoft 365 applications to function.
“Our telemetry is indicating that the remaining impacted scenarios are progressing towards a full recovery, and we’re closely monitoring to ensure this progress continues,” Microsoft said in the update.
The Cybersecurity and Infrastructure Security Agency is working closely with CrowdStrike, along with critical infrastructure and federal, state and local governments to assess the impact, a spokesperson said via email.
Software industry analysts and security experts raised concerns about how a defect involving a single vendor could potentially lead to such massive disruption of services.
“It is still too early to determine how such an error occurred, and whether a code fault with the driver, or an unanticipated and undocumented change in the Windows operating system which CrowdStrike was unable to predict, is responsible,” Rob Reeves, principal cyber security engineer at Immersive Labs, said in a statement.
However, Reeves noted that heavy reliance on Falcon is a “double-edged sword” causing untold disruption to global systems.
Editor’s note: This story has been updated to include a statement from CrowdStrike.