How a Faulty CrowdStrike Update Triggered a Global Windows Outage

A mistaken update from security firm CrowdStrike caused thousands of Windows machines worldwide to crash into endless reboot loops, disrupting banks, airlines, hospitals, and other critical services, while Microsoft was mistakenly blamed for the incident.

21CTO
Read this: A faulty update from cybersecurity provider CrowdStrike caused a global outage, with Microsoft wrongly implicated.

Today, thousands of Windows machines displayed blue‑screen‑of‑death (BSOD) errors at startup, affecting banks, airlines, TV stations, supermarkets and many other enterprises worldwide.

The root cause was a mistaken update from CrowdStrike, a security giant used by many organizations to manage Windows PCs and servers. The update forced affected PCs and servers into a recovery‑boot loop, preventing normal startup.

As thousands of machines went offline, Australian banks, airlines and broadcasters were the first to raise alarms, and the problem quickly spread across Europe as companies began their workday.

Sky News was unable to broadcast its morning briefing, and Ryanair reported a "third‑party" IT issue that affected flight departures.

The U.S. Federal Aviation Administration (FAA) said it was assisting airlines such as Delta, United and American due to communication problems, and several carriers requested FAA help to ground fleets until the issue was resolved.

Berlin Airport warned of possible flight delays, and 911 call centers in Alaska were also affected. In India, an airline resorted to handwritten boarding passes.

CrowdStrike CEO George Kurtz posted on X that the issue was limited to Windows hosts; Mac and Linux servers were unaffected, and the incident was not a security breach or cyber‑attack.

CrowdStrike confirmed the problem and released a fix, but applying it is complex because the faulty component is a kernel‑level driver used to protect Windows machines.

On Reddit, hundreds of IT admins reported the issue and suggested booting affected PCs into safe mode, navigating to the CrowdStrike directory, and deleting the problematic system file—a cumbersome process for cloud servers and remote laptops.

Users described entire companies going offline, with up to 70% of laptops stuck in a reboot loop.

Microsoft also experienced separate issues with Microsoft 365 services, caused by a configuration change in an Azure backend workload, which was quickly resolved.

CrowdStrike Stock Plummets

The company's share price fell more than 19% following the widespread IT disruption.

Impact on Aviation and Transportation

The FAA ordered most airlines, including United, Delta, American and Ryanair, to suspend flights until further notice.

Ryanair advised passengers on affected flights to check the airline app for updates and to arrive three hours early.

Airports across the UK and Europe reported extended waiting times and malfunctioning departure boards.

UK train operator Govia Thameslink and other rail services also experienced outages, prompting apologies to passengers.

Healthcare Services Disrupted

UK GP clinics reported limited online appointment booking and telephone service interruptions.

The NHS confirmed that the EMIS system used by many practices was affected, though emergency (999) services remained operational.

Root Cause and Responses

Experts identified a faulty "channel file" in CrowdStrike Falcon as the culprit.

CrowdStrike’s OverWatch manager Brody Nisbet said the problematic file has been withdrawn, preventing further BSODs, but the damage to already affected machines cannot be undone.

Reddit posts offered a workaround, but it does not work for every customer.

British National Cyber Security Centre chief Ciaran Martin corroborated the explanation.

Microsoft clarified that its Azure issue was unrelated to the CrowdStrike incident, and a spokesperson noted that a third‑party software update caused the Windows problems and that a fix was forthcoming.

Overall, the incident highlights the interdependence of security tools and operating systems, and the need for rigorous testing before deploying kernel‑level updates.

Republication Notice

This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contact admin@besthub.dev and we will review it promptly.

Written by

21CTO
