Live: massive Windows outage plunges banks, airlines and more into chaos around the world

Please stop blaming Bill Gates for this, folks

Users on Facebook and X/Twitter are ridiculing Bill Gates over this global outage, but to be fair this really isn’t his fault. 

Not only does the issue stem from a non-Microsoft product (Crowdstrike Falcon – although since Windows is the only OS affected, Microsoft does bear some part of the blame here), but Gates hasn’t been CEO of Microsoft for more than two decades, even stepping down from the board of directors four years ago in 2020. 

At this point his involvement with MS is minimal – go bother Satya Nadella instead, who has been notably silent on social media today.

Some important US phone numbers

911 lines are down in areas of several US states, with Alaska confirmed to be the worst affected. Official Alaska State Troopers social media has posted a number of direct phone numbers for emergency calls only, as seen below.

More from Microsoft?

Microsoft, which has been worst hit by this outage, causing a knock-on across global systems, has issued a brief statement.

The company has said it is, “aware of an issue affecting Windows devices due to an update from a third-party software platform. We anticipate a resolution is forthcoming,” according to The Verge.

Welcome to a summer of all dangers

Hackers all over the world will rejoice at today’s chaotic start of the summer holidays (at least here in Europe). Sysadmins all over the world will have to cancel their breaks (or worst, come back from their holidays) to deal with the fallout of what is rapidly turning into the biggest tech catastrophe of all times, the sort of scenario Hollywood script writers could only dream of.

Expect cybercriminals to work double shifts to identify which key systems can be penetrated should CrowdStrike’s security platform be disabled on some impacted systems. I predict that phishing attempts are going to grow exponentially over the summer as attempts to convince anyone and everyone to install that innocent CrowdStrike app or click on that totally innocuous crowdstri.ke URL.

The UK’s National Health Service has some advice

The worst-case scenario for this global IT outage is the potentially life-threatening impact on health services. The UK’s NHS has now issued a statement on what’s happening, with its phone system fortunately unaffected.

An NHS spokesperson said: “The NHS is aware of a global IT outage and an issue with EMIS, an appointment and patient record system, which is causing disruption in the majority of GP practices.

 “The NHS has long standing measures in place to manage the disruption, including using paper patient records and handwritten prescriptions, and the usual phone systems to contact your GP. There is currently no known impact on 999 or emergency services, so people should use these services as they usually would.”

 The spokesperson added: “Patients should attend appointments unless told otherwise. Only contact your GP if it’s urgent, and otherwise please use 111 online or call 111.”

Every cloud outage has a silver lining

On the bright side, it seems like corporate America is loving this. After all, what better day for a mass Blue Screen of Death attack than a Friday? The outage has been met with tangible glee by thousands of office workers across social media – although some have been left bemoaning the fact that their employer doesn’t use Crowdstrike, and they’re still going to have to work today.

Has your employer been hit by the Falcon/Microsoft outage? Did you log onto your personal computer to see a chilling blue hue this morning? Let us know on X/Twitter at @techradar!

KLM says it’s had to “largely suspend operations”

Airlines have been some the hardest hit by today’s global IT outage, with the Federal Aviation Administration issuing a “global ground stop” earlier today. Now the Dutch airline KLM has made statement on how it’s hitting frustrated fliers.

It says “we’re working hard to resolve the problem, but that until then “we will have to largely suspend operations”. As KLM says, that’s something of a nightmare all-round “in the midst of the summer holiday season”. Solidarity to anyone who was planning to jet off today.

CrowdStrike – a company on the grow

If you follow cybersecurity, you’ll be well aware of who CrowdStrike are – as evidenced by the scale of the outage today, their software and systems help back up many of the world’s biggest businesses.

Headquartered in Austin, Texas, the company, which was founded in 2011, boasts nearly 8,000 workers – and will be a familiar sight to fans of Formula 1, having sponsored the Mercedes F1 team for several seasons, its logo portrayed clearly on the car’s front wing as well as the driver suits. 

In the UK, it’s not just hospitals and airports that are suffering from the outage. Pubs, soccer clubs, and betting agencies have been hit, apparently leading to some local frustration about not being able to order a pint via app (although it’s a bit early for that, surely?).

Over in Australia, the outage has affected a wide swathe of businesses and public services from police to local news teams – leading to this rather hilarious post on X from 10 News First:

According to Toby Murray, associate professor at The University of Melbourne, Australia, the outage has been specifically linked to Crowdstrike’s Endpoint Detection and Response (EDR) platform, Falcon.

Falcon is essentially a high-privilege piece of software designed to monitor and detect system intrusions – in other words, cyberattacks and malware – and then take action to respond to them. It’s an oversimplification to just call Falcon (or any EDR platform) an antivirus program, but at the end of the day, it is designed to help keep businesses’ computer systems safe from digital threats.

Because of this, though, Falcon has a lot of access to control elements of the system it’s installed on. For example, it can shut off communications from a PC if it detects malware that is actively transmitting data to an external source. With that sort of control over the computers it’s installed on – and Falcon is installed on a very large number of business systems – it makes sense that a Falcon malfunction could cause this sort of widespread outage.

Are hackers behind the global Windows IT crash?

Short answer: no. Early analysis of the situation point to an update that has gone very, very wrong. No hacker intervention needed. 

It is not the first time that this has happened. A security analyst told TechRadar privately that “this is a major process breakdown, a combination of human and tech error, something that was obviously not tested properly,” before adding, “don’t take it as a criticism, something has clearly gone wrong that was not intended.” 

Even trillion-dollar companies – like Amazon Web Services and Microsoft – suffer wobbles from time to time. But none have impacted our lives, like the one we encountered today.

Back to healthcare, and we have more reports surfacing of UK NHS primary care services being disrupted, as well some hospital infrastructure worldwide.

GTD Healthcare, a major supplier of NHS services in the North of England, states “Unfortunately there is a national issue with EMIS Web – the clinical computer system used within GP practices. This will affect our ability to book appointments/consult with patients.  We apologise for the disruption. If you have a life-threatening medical emergency, please dial 999.

The Daily Mail is also reporting that Australia’s Triple Zero emergency service line is still in operation, but “some hospitals have been affected” in the country, although we don’t know to what extent.

Good news for gamers?

We have some good news for gamers at least, as it appears that Xbox Live is back online after an outage that lasted for over three hours. Owners of the Team Green machines were previously unable to sign into their accounts, use the online store, or join other players in online lobbies – forcing many of us to step outside for the first time in months.

Now, the official Xbox status page indicates that “all services” are currently “up and running.” We booted up our own Xbox consoles to test this and can report that everything was functioning well, though some users on social media are suggesting that they are still experiencing issues.

It’s little consolation, but those currently trapped in packed airports could now whittle down the hours in the queue with a cheeky game of Fortnite via Xbox Cloud Gaming.

So, who are Crowdstrike?

Crowdstrike is the biggest cybersecurity firm you’ve never heard of. One that like many operates in the shadows and is one of the most important cogs in the supply chain that links some of the biggest companies in the world. 

It is essentially the watchdog and protector of websites and web services. Its popularity propelled it to mighty heights as it briefly surpassed a market capitalization of $100 billion just a few days ago.

I’d also suspect that the list might grow as the US wakes up and more people start discovering problems. Let’s hope it’s fixed soon.

The list of companies seemingly impacted by this is the longest I’ve ever seen.

According to Down Detector in the US and UK, it’s currently: 

• Microsoft
• Microsoft 365
• BetMGM
• Amazon
• Visa
• Sainsbury’s
• Tesco
• RyanAir
• Sky
• BT
• Ladbrokes
• Santander
• Nationwide
• Royal Mail

And the list just keeps getting longer.

This truly is a global outage – potentially one of the biggest we’ve ever seen. In fact, I’ve heard commentators refer to it as “the biggest IT outage ever”.

In China, for instance, the South China Morning Post is reporting that there are massive queues at Hong Kong airport and that passengers are having to check in manually.

If you’re due to fly anywhere today, good luck!

Far more worrying than TV news channels being down is the fact that doctor’s surgeries in the UK are apparently unable to book appointments.

“MAJOR ISSUE – NO ACCESS TO CLINICAL SYSTEM – NATIONAL PROBLEM” is how Grimethorpe Surgery in Barnsley, England reported it.

Sky News is still down in the UK

If, like me, you turned on your TV this morning to watch Sky News, you’ll have been greeted with this worrying message instead.

The channel hasn’t been able to broadcast this morning due to the Windows workstations issues, during a time when it’d otherwise been reporting on, say, a massive global IT outage. 

The presenter Jacquie Beltrao posted the below on X (formerly Twitter).

The outage couldn’t come at a worst time as schools in the UK and several other European countries will break today for the summer holidays, probably the busiest day of the year for airlines. Hundreds of thousands of passengers will be expected to travel over the next 24 hours to destinations across the globe.

The incident also happens a day after CHAPS, the global payment system that governs high value transactions, went down, putting tens of billions of dollars of business on hold.

In terms of transport, it’s not just planes that are suffering as a result of this Microsoft/Crowdstrike issue – in fact, far from it.

In the UK, Thameslink trains has put a statement on X stating: “⚠️ We are currently experiencing widespread IT issues across our entire network. Our IT teams are actively investigating to determine the root cause of the problem.

We are unable to access driver diagrams at certain locations, leading to potential short-notice cancellations, particularly on the Thameslink and Great Northern networks.” 

Airlines appear to be one of the hardest hit areas in this outage. 

As well as the problems in the US, that have seen Delta and United ground flights, there are delays and problems everywhere from Japan – where the Narita airport outside Tokyo says JetStar, Jeju Air, Qantas, HK Express and Spring Japan all have issues with their systems – to India, where Delhi airport says some services have been temporarily impacted.

That previous post was some eight hours ago, but one hour ago it stated that “Our services are still seeing continuous improvements while we continue to take mitigation actions. More details can be found within the admin center under MO821132 and http://status.cloud.microsoft“

Microsoft’s Twitter account (Sorry, X, whatever) is reporting that it’s still investigating issues but that it is working on fixing them.

An email sent to TechRadar and other publishers by Tesserent cyber solutions company appears to confirm that the issue is with CrowdStrike.

It states: “CrowdStrike have deployed a new content update which resolves the previously erroneous update and subsequent host issues. As your devices receive this update you may need to reboot for the changes to take effect and for the blue screen (BSOD) issues to be resolved.

“If hosts are still crashing and unable to stay online to receive the Channel File Changes, the following steps can be used to workaround this issue:

“Workaround Steps:

“1. Boot Windows into Safe Mode or the Windows Recovery Environment

“2. Navigate to the C:\Windows\System32\drivers\CrowdStrike directory

“3. Locate the file matching “C-00000291*.sys”, and delete it. 

“4. Boot the host normally.”

TechRadar has not yet been able to verify those steps independently. 

It seems the problem may stem from an update by the cybersecurity company Crowdstrike, which is causing Windows PCs to display the Blue Screen of Death, and to then be unable to reboot.

Microsoft’s own Service Status page states that everything is running normally right now, which clearly isn’t the case.

“We’re all good! Everything is up and running.”

However, earlier in the day Microsoft did report that users might not have been able to access Microsoft 365, its cloud-based app service. 

The situation in the UK is every bit as severe, with Microsoft – and Microsoft 365 – Visa, BT and more all seemingly impacted by the outage.

Here’s what Down Detector is currently showing in the US – with multiple companies impacted across all manner of industries including transport, banking, media and more. 

Good morning. Here’s the latest on the global IT outage taking place right now.