Many banks, media outlets, and airlines experienced the blue screen of death this morning when they turned on their Microsoft Windows machines. The dreaded error page, with the message "Your device ran into a problem and needs to restart" was caused by a single update from Austin, Texas-based CrowdStrike, a cybersecurity giant with operations in more than 170 countries.
Most (70%) of the $900 million in revenue CrowdStrike earned for the quarter ending in April came from its U.S. customers, including Google, Amazon, and Microsoft.
CrowdStrike's wide reach resulted in "the largest IT outage in history," according to some cybersecurity experts. The update delayed Delta, United, and American Airlines flights, canceled scheduled surgeries at hospitals in Massachusetts and Ohio, disrupted 911 services, and impacted other public and private sector operations across the globe.
George Kurtz, CEO of Crowdstrike. Martina Albertazzi/Bloomberg via Getty Images
CrowdStrike CEO George Kurtz wrote in an X post Friday that CrowdStrike has found the cause of the issue and released a fix.
"This is not a security incident or cyberattack," he emphasized, adding that organizations should communicate with CrowdStrike representatives and check the support page.
"Our team is fully mobilized to ensure the security and stability of CrowdStrike customers," he added.
CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted. This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed. We…
— George Kurtz (@George_Kurtz) July 19, 2024
In a blog post, he said: "We know that adversaries and bad actors will try to exploit events like this. I encourage everyone to remain vigilant and ensure that you're engaging with official CrowdStrike representatives."
Kurtz also went on TODAY and apologized for the disruption, giving more details on what went wrong. He explained that the update CrowdStrike implemented had a software bug in it, which caused problems with the Microsoft Windows operating system.
"As systems come back online as they're rebooted, they're coming up and they're working," he said. "Now we are working with each and every customer to make sure that we can bring them back online."
When asked how a single content update could immediately shut down everything from emergency services to credit card payment systems around the globe, with no backup, Kurtz said, "We have to go back and see what happened here."
CrowdStrike currently leads the worldwide market in endpoint security or protection for devices like desktops and laptops.