What We Know About the Global Microsoft Outage
Across the world, critical businesses and services including airlines, hospitals, train networks and TV stations, were disrupted on Friday by a global tech outage affecting Microsoft users.
In many countries, flights were grounded, workers could not get access to their systems and, in some cases, customers could not make card payments in stores. While some of the problems were resolved within hours, many businesses, websites and airlines continued to struggle to recover.
What happened?
A series of outages rippled across the globe as information displays, login systems and broadcasting networks went dark.
The problem affecting the majority of services was caused by a flawed update by CrowdStrike, an American cybersecurity firm, whose systems are intended to protect users from hackers. Microsoft said on Friday that it was aware of an issue affecting machines running “CrowdStrike Falcon.”
But Microsoft had also said there was an earlier outage affecting U.S. users of Azure, its cloud service system. Some users may have been affected by both. Even as CrowdStrike sent out a fix, some systems were still affected by midday in the United States as businesses needed to make manual updates to their systems to resolve the issue.
George Kurtz, the president and chief executive of CrowdStrike, said on Friday morning that it could take some time for some systems to recover.
What was affected?
It is more apt to ask what was not affected. Everything from airlines to banks to health care systems in many countries was hit.
In Australia, passengers were stuck in long lines at Sydney airport as information screens went blank, and programming was disrupted at the national broadcaster. Airports in Britain, Germany and Taiwan had long delays at check-ins and flights were delayed or canceled. At an airport in South Korea, handwritten boarding passes were being slowly handed out.
Flights continued to be disrupted at some U.S. airports into the morning because of the cascading effect of flight delays and cancellations. The Federal Aviation Administration said in a statement that ground stops and delays would be “intermittent” at some airports as airlines grapple with residual technology issues.
The outage affected emergency 911 lines in multiple states, the U.S. Emergency Alert System said on social media — but most if not all of the emergency system problems appeared to be resolving themselves by midmorning.
A few hospitals in Germany said they would cancel elective procedures; and in Britain, some doctors in the National Health Service were unable to gain access to systems. Kaiser Permanente, a medical system that provides care to 12.6 million members in the United States, said all of its hospitals’ systems were affected, and it activated backup systems to keep caring for patients.
At some banks, including JPMorgan Chase, there were delays in processing trades because bankers could not log into their work systems. TD Bank, the 10th largest in the United States, said customers complained that they could not access their online accounts.
But the problems were not uniform. London’s Heathrow Airport said that its flights were still operating. The London Stock Exchange said that it could not publish news updates but the exchange, where trades take place, was working as normal. The auction system at the Norwegian central bank was briefly interrupted, but other major central banks, the European Central Bank and Bank of England, said there was no effect on their systems.
In some cases, issues were resolved relatively quickly. In Ukraine, Sense Bank and the mobile operator Vodafone reported brief problems with their services. At Dubai International Airport, two airlines switched to alternative systems, allowing operations to resume.
Major grocery chains in the United States appeared largely unaffected, with most stores operating as usual. But the world’s biggest logistics companies, including United Parcel Service and FedEx, did report disruptions, causing delivery delays in some regions. A spokesman for UPS said the company’s computer systems in the United States and Europe were affected.
Who’s to blame?
Mr. Kurtz said CrowdStrike took responsibility for the software bug, sent in a system update, that caused the outage. He said in a post on X that Mac and Linux users were not affected.
The incident was not a cyberattack, Mr. Kurtz said, adding that customers remain “fully protected.” But Mr. Kurtz warned on NBC’s “Today” show that the fix could take some time to put in place.
“We understand the gravity of the situation and are deeply sorry for the inconvenience and disruption,” Mr. Kurtz said. Microsoft offered suggestions to users to help resolve the issue, including restoring backup systems.
While CrowdStrike is at fault for the software bug, J.J. Guy, chief executive of cybersecurity company Sevco, said poor resiliency of Microsoft’s operating system is to blame for extent of the damage.
“Bugs happen all the time and are unavoidable, the result of business complexity and technology,” Mr. Guy said. “But this became a catastrophic incident because of the remediation procedures. The resiliency of the operating system was not sufficient to mitigate the risk of that.”
Microsoft did not immediately respond to requests for comment on its operating system. The company’s chief executive, Satya Nadella, said in a post on X that Microsoft is working with CrowdStrike to offer customers technical guidance and bring systems back online.
