Widespread technology errors Thursday and Friday stranded airline passengers around the world, halted hospital surgeries and crippled office workers’ computers in one of the most disruptive computer outages in years, highlighting how much of the world relies on essential but inherently error-prone software from a handful of companies.
World
How a software error melted down the world’s computer systems
Microsoft, which powers the computers and technology backbones for many companies, also reported outages with some of its popular web-connected software for corporate and government technology networks.
CrowdStrike said in a statement that it had identified and issued a fix for a “defect” in its updated technology for Windows-based software, which is the foundation not only for hundreds of millions of personal PCs but also for many back-end computers that power airlines, digital payment systems, emergency services call centers and much more.
The problem wasn’t a cyberattack or a security incident, CrowdStrike said.
Marie Vasek, an assistant professor at University College London’s computer science department, said the widespread computer meltdowns showed how reliant technology systems are on a small number of companies’ software, including that of Microsoft and CrowdStrike.
“The issue here is that Microsoft is a standard bit of software that everybody uses, and the bug in CrowdStrike is deployed to every single system,” she said.
Vasek said technology networks are becoming more sprawling and complex, typically running on software from multiple companies. She said that increases the odds that one botched line of software code at one of those companies could bring down entire computer networks.
She and another computer security expert also said that because CrowdStrike’s digital protections are considered so essential, its technology is given priority access on many computer systems. If something goes wrong with CrowdStrike software, that privileged access can grind computers to a halt.
It’s ironic that CrowdStrike, whose software is intended to protect from catastrophic computer failures, was responsible for Friday’s widespread computer meltdowns, experts said.
Vasek said both Microsoft and CrowdStrike deserve blame for a single software bug apparently causing so many disruptions to people and businesses.
She said CrowdStrike needed to consider how to safely update its software to many millions of computer networks. And Microsoft, she said, needed to do more to ensure that updates to software from other companies don’t cripple Windows machines. “Microsoft needs to think about how to check that software is as it should be,” she said.
Microsoft didn’t immediately respond to requests for comment from The Washington Post.
In a statement and in an NBC News’s “Today” Show interview with CrowdStrike CEO George Kurtz, the company said it is “actively working with customers” to resolve the problems and that many CrowdStrike systems are recovering and will be functional soon.
A spokesperson for FS-ISAC, an information technology organization that works with large financial institutions, said many of its customers are implementing the software fix from CrowdStrike. The spokesperson said that essential functions, including banking and payment processing, “are largely functioning with some scattered effects.”
It wasn’t immediately clear how many of Friday’s computer network collapses resulted from the defective CrowdStrike software update and which were the result of problems that started Thursday with Microsoft’s online services and cloud computing service Azure — or if the two issues were related.
In his “Today” Show interview, Kurtz said that CrowdStrike is “deeply sorry for the impact that we’ve caused to customers, to travelers, to anyone affected by this.”
This is a breaking news story and will be updated.