Microsoft IT outage live: recovery from ‘largest outage in history’ may take weeks | Microsoft IT outage
Key events
UK holidaymakers warned of potential travel disruption this weekend
Holidaymakers have been warned of potential travel disruption this weekend as UK transport networks continue to feel the impact of Friday’s global IT outage.
Flight delays and cancellations are among the disruption expected to continue into the weekend after the outage, with experts warning it could take weeks for systems to fully recover.
It comes as thousands of families in the UK start to embark on summer holidays amid the end of the academic year for many schools.
Travel association Abta urged holidaymakers to check with providers if there are “any extra steps” they may need to take.
A spokesperson said:
We’re at the start of one of the busiest periods of travel, with some schools finishing for the summer yesterday and many more next week.
Many people will be jetting off abroad – looking to escape the UK’s unseasonable weather of late.
With Spain, Turkey and Greece among the popular destinations for an overseas trip.
If you are heading off on holiday this weekend – by whatever means – it’s advisable to check with your travel provider if there are any extra steps you need to take, as some businesses are continuing to feel the impact of Friday’s IT outage.”
The Port of Dover said early on Saturday that it was dealing with “hundreds of displaced” airport passengers and urged customers to ensure they had a booking before arrival.
It also posted on X that approach roads were “slow moving”, with a 60-minute wait time in the buffer zone.
Ferry operator DFDS said on X that there were wait times of up to 120 minutes at Dover border controls and 30 minutes at check-in.
Bad actors seizing on Microsoft IT outage to scam public, Australian government warns
Josh Taylor
Scammers are attempting to use the global CrowdStrike outage on Microsoft Windows systems to steal from small businesses by offering fake fixes, the Australian government has warned.
The world has begun to recover from a global outage of Windows systems running the cybersecurity company Crowdstrike’s software, after the company issued a faulty update. But bad actors have seized upon the crisis to attempt to scam the public, the home affairs minister, Clare O’Neil, said on Saturday.
“What we are seeing some reporting of is attempts to conduct phishing through the incident that just occurred,” she said.
She said small businesses in particular were receiving emails from people pretending to be CrowdStrike or Microsoft and seeking bank details to access a reboot to fix the error.
“I ask Australians to be really cautious over the next few days about attempts to use this for scamming or phishing,” she said. “If you see an email, if you see a text message that looks a little bit funny, that indicates something about CrowdStrike or IT outages, just stop. Don’t put any details.”
She said if people receive calls along those lines they should hang up, and if people do hand over their banking information then to contact their bank immediately to report it.
You can read the full piece here:
In the UK, Saturday’s headlines are dominated by the fallout from an IT failure that grounded planes, took TV channels off air and played havoc with health services, banking and retail businesses around the world.
“Digital pandemic”, “havoc” and “meltdown” were some of the most common phrases in UK headlines after a botched CrowdStrike software update.
Here is the Guardian’s front page this Saturday:
You can see the rest of Saturday’s front pages here:
Thora, a pharmacist in Manchester, England, told the BBC’s Today programme that pharmacy backlogs would continue after Friday’s IT outage.
She said:
What we know at the moment is obviously we have been experiencing some heightened tensions in some pharmacies by patients but also people have been really understanding and have been really patient with us.
This backlog will continue because obviously there will have been patients who have been unable to access their prescription because it will be hand-written at the surgery, and we’ll get a bit of a backlog, or they will eventually come through to us. But it’s a bit of a concern.”
Millions of computers will need to be fixed individually, expert warns
A chartered security professional said there would be “lingering effects” from the IT outage that has caused disruption around the world.
James Bore told Sky News:
There are definitely going to be lingering effects. The largest companies and the ones with most critical services, they are going to have thrown everything they can at fixing it.
But for other companies where they don’t have as many people to put hands on keyboard – because that’s the key thing – each fix requires a manual intervention with the computer, and we’re talking millions of computers.
If you’ve only got one IT person in the company and 2,000 employees – it’s not going to be fixed overnight.
That’s going to be weeks of work for that person just travelling around or getting everyone to come in and sort out their laptops.”
'Similar lessons' should be drawn from global IT outage as from the pandemic, says academic
People should draw similar lessons from the global IT outage as they did from the pandemic, an academic has said.
Computer scientist Sir Nigel Shadbolt told the BBC’s Today programme:
Often these issues are left [to] technological elites. This impacts everyone and we need to understand how those effects ripple through society and think about how we all make ourselves more resilient.”
He added:
The resilience in general of these systems is something very special. We depend on these systems and by and large they are working to very high levels of quality.
But when they do go wrong, and it’s like a pandemic, literally we should draw similar lessons, what lessons do we draw?
As individuals, what should we be thinking? We should be thinking about a degree of resilience in our own lives. We should think about having perhaps multiple systems, not depending just on one.”
George Kurtz, the founder and chief executive of the cybersecurity firm CrowdStrike, has said the company “continues to work with customers and partners to resolve this incident”.
He added that the CrowdStrike team had written a technical overview of Friday’s events. In it, there is an explanation of what happened:
On 19 July 2024 at 04:09 UTC, as part of ongoing operations, CrowdStrike released a sensor configuration update to Windows systems. Sensor configuration updates are an ongoing part of the protection mechanisms of the Falcon platform. This configuration update triggered a logic error resulting in a system crash and blue screen (BSOD) on impacted systems.
The sensor configuration update that caused the system crash was remediated on Friday, 19 July 2024 05:27 UTC.
This issue is not the result of or related to a cyber-attack.”
Also, in the blog post was a brief section on the root cause analysis:
We understand how this issue occurred and we are doing a thorough root cause analysis to determine how this logic flaw occurred. This effort will be ongoing … We will update our findings in the root cause analysis as the investigation progresses.”
Opening summary
Services began to come back online overnight into Saturday after an IT failure that wreaked havoc worldwide. But full recovery could take weeks, experts have said, after airports, healthcare services and businesses were hit by the “largest outage in history”.
Flights and hospital appointments were cancelled, payroll systems seized up and TV channels went off air after a botched software upgrade hit Microsoft’s Windows operating system. It came from the US cybersecurity company CrowdStrike, and left workers facing a “blue screen of death” as their computers failed to start.
As recovery continues, experts say the outage underscored concerns that many organizations are not well prepared to implement contingency plans when a single point of failure such as an IT system, or a piece of software within it, goes down.
Here is a brief summary of how the IT outage has affected services:
Airports across the UK – including London Gatwick, Heathrow Airport, Manchester Airport and Belfast International Airport – stressed that passengers should check with airlines for any delays or cancellations before travelling over the weekend.
CrowdStrike’s stock tumbled in value when the US markets opened on Friday. Shares slid by more than 8% at the start of trading, knocking about $10bn (£7.8bn) off its market value.
Around the world, banks, supermarkets and other major institutions saw services disrupted, while many businesses were unable to take digital payments or access key databases.
NHS England said “the majority of GP practices” had experienced disruption and ambulance services reported increases in 999 and NHS 111 calls from patients who were unable to contact other NHS providers, while the National Pharmacy Association said pharmacies had seen issues “including the accessing of prescriptions from GPs and medicine deliveries”.