A global IT outage has caused chaos at airports, banks, railways andbusinesses around the world as a wide range of services were taken offline and millions of people were affected.
In one of the most widespread IT crashes ever to hit companies and institutions globally, air transport ground to a halt, hospitals were affected and large numbers of workers were unable to access their computers. In the UK Sky News was taken off air temporarily and the NHS GP booking system was down.
Microsoft’s Windows service was at the centre of the outage, with experts linking the problem to a software update from cybersecurity firm Crowdstrike that has affected computer systems around the world. Experts said the outage could take days from which to recover because every PC may have to be fixed manually.
Overnight, Microsoft confirmed it was investigating an issue with its services and apps, with the organisation’s service health website warning of “service degradation” that meant users may not be able to access many of the company’s most popular services, used by millions of business and people around the world.
Among the affected firms are Ryanair, Europe’s largest airline, which said on its website: “Potential disruptions across the network (Fri 19 July) due to a global third party system outage … We advise passengers to arrive at the airport three hours in advance of their flight to avoid any disruptions.”
Having half of the world depend on a corporate proprietary single company is the stupidest thing ever. They will learn nothing with this, sadly
While you are right, this outage has basically nothing to do with Windows or Microsoft. It’s a Crowdstrike issue.
It also has to do with software updates being performed without the user having any control over them.
Agreed, but again these updates were done by the Crowdstrike software. Nothing to do with Microsoft or Windows.
In this case it was an update to the security component which is specifically designed to protect against exploits on the endpoint. You’d want your security system to be up to date to protect as much as possible against new exploits. So updating this every day is a normal thing. In a corporate environment you do not want you end users to be able to block or postpone security updates.
With Microsoft updates they get rolled out to different so called rings, which get bigger and bigger with each ring. This means every update is already in use by a smaller population, which reduces the chances of an update destroying the world like this greatly.
It’s not specific to Microsoft, but the general idea of letting proprietary software install whatever it wants whenever it wants directly into your kernel is a bad idea regardless. If the user had any control over this update process, organizations could do small scale testing themselves before unleashing the update on their entire userbase. If it were open source software, the code would be reviewed by many more eyes and tested independently by many more teams before release. The core issue is centralizing all trust on one organization, especially when that organization is a business and thus profit-driven above all else which could be an incentive to rush updates.
Reminds me of when Canada lost internet to 12 million of it’s 33 million people because one company messed up doing maintenance.
There will be no consequences for those who made this choice because going with the biggest suppliers is never wrong: they in theory have the highest reliability, and even if they don’t, then it’s not just your problem but everyone else’s too, can’t blame those responsible when the outage is akin to an “act of God”
It’s great to have alternatives. If it was all linux, and linux got hit, then it’d be the entire world in danger. Too bad M$ is just not good enough for it’s second most popular position.
Well, we got to see roughly something play out with the xz thing. In which case only redhat were going to be impacted because they were the only ones to patch ssh that way.
Most examples I can think of only end of affecting one slice or another of the Linux ecosystem. So a Linux based heterogenous market would likely be more diverse than this.
Of course, this was a relative nothing burger for companies that used windows but not crowdstrike. Including my own company. Well except a whole lot fewer emails from clients today compared to typical Fridays…