Crowdstrike’s faulty update triggers global Windows blackout, disrupting critical operations

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More


Microsoft Windows, the leading PC platform for consumers and enterprises worldwide, is going through an unexpected outage, disrupting critical operations, including those of leading banks, airlines, news broadcasters, supermarkets and even stock exchanges.

The users of Windows computers are getting a blue screen of death (BSOD) error upon launching their PCs. The issue triggers a boot loop and keeps users from accessing the operating system for work. The exact scale of the problem remains unclear, although the flurry of complaints on X indicates at least thousands of global PCs being used for day-to-day work have been affected.

Microsoft has not yet commented on the matter, but it appears the problem has stemmed from Crowdstrike, which is known for strengthening the cybersecurity posture of enterprise systems, including Windows machines.

This comes as the Satya Nadella-led company also continues to repair a separate issue with its Microsoft 365 apps and services at the same time.

Windows outage disrupting global services

A few hours ago, organizations from different parts of the world operating in completely different sectors began reporting disruption in their services. Most of them cited technical issues with their systems, stemming from a third-party partner. However, what’s even more worrying is the scale of the problem. It appears to have hit several critical operations, including those of global airlines, airports and banks. 

The airlines and airports that have reportedly been affected by the issue include American Airlines, Delta Airlines, United Airlines, Ryanair, Indigo, Air Asia, KLM Airlines, Los Angeles International Airport, Hong Kong Airport, Berlin Airport, Prague Airport, Amsterdam Airport, Sydney Airport, Edinburgh Airport, Dusseldorf Airport and Japan’s Narita airport. 

Meanwhile, banks known to have been affected are Israel’s central bank, Ukraine’s Sense Bank, Capitec (South Africa’s largest bank) and National Australia Bank, Commonwealth Bank and Bendigo. Other organizations in critical sectors were also affected, including the London Stock Exchange, Australian energy company AGL, Sydney Metro, Govia Thameslink Railway and NHS in the UK, and broadcasters and publications, including Sky News. Even 911 services in some parts of the U.S. have been hit.

Crowdstrike Falcon to blame: Fix in progress

As many systems continue to be impacted, the problem has been narrowed down to cybersecurity firm Crowdstrike

According to the company’s subreddit, the issue has been caused by its cloud-native Falcon sensor, a small software agent that is installed on endpoints like computers, servers, and mobile devices to continuously monitor for suspicious activity and potential threats. In this case, it appears some content deployment – an update – to the sensor broke down the machines it was installed upon.

The moderator of the subreddit pointed out that the change has been reverted. However, if the problem persists, users can try the following steps:

  1. Boot Windows into Safe Mode or the Windows Recovery Environment
  2. Navigate to the C:WindowsSystem32driversCrowdStrike directory
  3. Locate the file matching “C-00000291*.sys”, and delete it.
  4. Boot the host normally.

Microsoft, on its part, has yet to comment on the whole matter. A problem of this scale is catastrophic. Not to mention, it will take hours for all the organizations to get the fix and resume their normal operations.