A global IT outage has caused chaos at airports, banks, railways andbusinesses around the world as a wide range of services were taken offline and millions of people were affected.
In one of the most widespread IT crashes ever to hit companies and institutions globally, air transport ground to a halt, hospitals were affected and large numbers of workers were unable to access their computers. In the UK Sky News was taken off air temporarily and the NHS GP booking system was down.
Microsoft’s Windows service was at the centre of the outage, with experts linking the problem to a software update from cybersecurity firm Crowdstrike that has affected computer systems around the world. Experts said the outage could take days from which to recover because every PC may have to be fixed manually.
Overnight, Microsoft confirmed it was investigating an issue with its services and apps, with the organisation’s service health website warning of “service degradation” that meant users may not be able to access many of the company’s most popular services, used by millions of business and people around the world.
Among the affected firms are Ryanair, Europe’s largest airline, which said on its website: “Potential disruptions across the network (Fri 19 July) due to a global third party system outage … We advise passengers to arrive at the airport three hours in advance of their flight to avoid any disruptions.”
What amazes me is that so many big companies still use windows in critical core infrastructure.
Windows endpoints is one thing, but anyone using windows servers and MSSQL for mission critical application stacks need to be hit with the modernization hammer.
And then on top of that, they do not have a test rollout of any changes in a test environment, before rolling it out in the production stack.
Good luck to all the engineers in the trenches, having to fix the mistakes of their leadership.
I’ve not used crowdstrike, but looks like a part of the pitch is “cloud managed”, which often implies that the vendor takes care of everything, including updates. Particularly since they market it as a security solution, they weld likely emphasize that they can update rapidly enough to keep up with security attacks that move very quickly because they don’t care about “risk”.
There are many, many, many specialized enterprise applications out there that are windows only.
What does the issue do?
My first company I worked for used crowdstrike. Does it think the computer is infected and locking them down?
… my work uses Crowdstrike
I didn’t see any issues rise up yesterday. Is today gonna be a bad day?
I made an announcement on our Teams channel, and its blowing the fuck up… today is going to be a bad day :(
Forbes has posted a fix, but it requires a human to boot into safe mode/recovery
