Faulty US cybersecurity firm's update causes major global IT outage

SAN FRANCISCO -- A faulty software update from cybersecurity firm CrowdStrike Friday morning has affected computers-running Microsoft Windows at organizations, causing major IT outage, taking out banks, airlines and businesses globally.

U.S. federal airspace officials announced a nationwide ground stop of air traffic on Friday due to the outages. Airlines and airports across Germany, France, the Netherlands, the United Kingdom, Australia, China, Japan, India, and Singapore also reported problems with check-in and ticketing systems, resulting in flight delays.

A post by Alaska State Troopers said many call centers were "not working correctly across the State of Alaska."

The crash reports were related to its cloud-based security service "Falcon Sensor," said CrowdStrike,

Its chief executive, George Kurtz, confirmed in a post on X that a "defect" in a content update for Windows hosts had caused the outage.

"CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted," Kurtz said on X.

"This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed. We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website," he noted.

"We further recommend organizations ensure they're communicating with CrowdStrike representatives through official channels. Our team is fully mobilized to ensure the security and stability of CrowdStrike customers."

A post on CrowdStrike's support forums acknowledged the issue early on Friday, saying the company had received reports of crashes related to a content update. Its enterprise apps are still seeing disruption, according to the Service Health Status of its cloud services for business.

CrowdStrike has nearly 60 percent of Fortune 500 companies and more than half of the Fortune 1,000 as its clients, according to its website. It went public in 2019 and moved its headquarters to Austin from California's Silicon Valley in 2021,

CrowdStrike's shares were down about 18 percent in premarket trading on Friday. CrowdStrike had a market cap of 83.48 billion U.S. dollars by the market's closing on Thursday.

"In our view, cybersecurity products have to clear a higher bar of reliability and security in customer deployments than other technology products because they are mission critical and actively attacked by adversaries," Goldman Sachs analysts wrote in a research note on Friday.