A global outage affecting Microsoft's services caused widespread disruptions on Friday across various sectors worldwide. The issue led to massive operational halts at airports, financial institutions, emergency services and many other industries.
Windows users in India reported encountering the “Blue Screen of Death (BSOD)” on their computers. The outage has severely impacted airports, with Bengaluru Airport experiencing long lines as check-in systems failed, forcing airlines such as IndiGo, Air Akasa and SpiceJet to issue boarding passes manually. Passengers at both T1 and T2 terminals faced huge delays.
Similar scenarios unfolded at other locations, including Delhi and Sydney Airport in Australia, where the New South Wales Police Force acknowledged the system outage on social media.
Despite these disruptions, the National Stock Exchange (NSE) and the Bombay Stock Exchange (BSE) reported no impact from the global Microsoft systems outage. However, the Indian Computer Emergency Response Team (CERT-In) has issued a 'Critical' severity rating for the incident.
India's Minister for Railways, Information & Broadcasting, Electronics & Information Technology, Ashwini Vaishnaw, confirmed that the government was in contact with Microsoft and that the cause of the outage had been identified.
In the United States, the Federal Aviation Administration reported that major airlines, including American, United and Delta, grounded all flights due to the issue. The outage also affected hospitals, where patients were unable to receive medications, pointing to the severity of the situation.
Why It Happened
Omer Grossman, Chief Information Officer (CIO) at CyberArk, explained that the glitch is due to a software update of CrowdStrike's Endpoint Detection and Response (EDR) product. "This is a product that runs with high privileges to protect endpoints. A malfunction in this can, as we are seeing in the current incident, cause the operating system to crash."
Grossman identified two main issues on the agenda: "The first is how customers can get back online and regain continuity of business processes. Because the endpoints have crashed—resulting in the Blue Screen of Death—they cannot be updated remotely, and this problem must be solved manually, endpoint by endpoint. This process is expected to take days."
"The second issue is determining what caused the malfunction. Possibilities range from human error, such as a developer releasing an update without sufficient quality control, to the more complex and intriguing scenario of a sophisticated cyberattack. This could involve an attacker activating a 'doomsday command' or 'kill switch.' CrowdStrike's analysis and updates in the coming days will be of utmost interest," Grossman added.
Cybersecurity firm CrowdStrike clarified that the widespread disruptions were not the result of a security incident or cyberattack. CEO George Kurtz took to social media platform X to explain. "This is not a security incident or cyberattack. The issue has been identified, isolated, and a fix has been deployed," he posted.
“CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted. This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed. We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website. We further recommend organizations ensure they’re communicating with CrowdStrike representatives through official channels. Our team is fully mobilized to ensure the security and stability of CrowdStrike customers” – CrowdStrike Official Statement
According to Satnam Narang, Senior Staff Research Engineer at Tenable, the issue is linked to a security software update installed on millions of Windows computers worldwide, which requires high-level privileges to the underlying operating system.
"This event is unprecedented, and the ramifications of it are still developing," Narang warned.
Microsoft announced on 19 July that it is investigating a range of issues with Azure in the Central US region. However, users in India and globally have also raised complaints. The situation remains fluid as authorities and Microsoft work to restore normalcy.