ADVERTISEMENT

Company News

CrowdStrike Crash Forces Manual Reboot of Affected Computers

By Evan Gorelick and Jake Bleiberg

Updated

Published

A Delta Airlines kiosk displays a message that reads "It looks like Windows didn't load correctly" as travelers wait in line at Ronald Reagan National Airport (DCA) in Arlington, Virginia, US, on Friday, July 19, 2024. Airlines around the world experienced disruption on an unprecedented scale after a widespread global computer outage grounded planes and created chaos at airports. (Ting Shen/Bloomberg)

(Bloomberg) -- All Windows computers affected by a global IT failure on Friday will need to be manually rebooted, CrowdStrike Holdings Inc., the cybersecurity company responsible for the outage, said in a statement on Friday.

“It was a content bug, or update, that we sent out and we’ve identified, and that we’ve rolled back,” Chief Executive Officer George Kurtz added in an interview with CNBC. He apologized to customers, and said some systems would take a few hours to come back online while others would take longer.

“There could be some manual steps involved, and we’re looking at ways to be able to automate those manual steps,” he said.

The recovery process will hardly seem straightforward to every customer. The cybersecurity firm is currently telling clients to try rebooting their computers first. If the system crashes again, CrowdStrike says, then the user should boot Windows into safe mode, navigate through the directory to find a specific CrowdStrike folder and then manually delete the problematic file within it. This work is most likely to be performed by IT professionals with administrative permissions, and they may not have been able to carry out those tasks remotely while Windows was crashing.

In one communication to a customer reviewed by Bloomberg News, CrowdStrike’s technical support team advised that rebooting the affected system as many as 15 times may be required.

The massive outage stemmed from a botched software update by CrowdStrike, which began rolling out a fix on Friday morning. The incident has wrought chaos across a wide range of businesses, including airlines, banks and healthcare systems. A growing list of companies have begun disclosing impacts, including United Airlines Holdings Inc. and McDonald’s Corp. CrowdStrike shares have dropped as much as 15%.

“A lot of organizations are having to go machine by machine by machine to fix it,” said Allan Liska, a threat analyst at Recorded Future Inc. “The central administrative service is down. Now, there’s a manual intervention.”

To make matters worse, Microsoft on Friday reported an apparently unrelated problem with its Azure cloud service.

--With assistance from Ed Ludlow.

(Adds detail about CrowdStrike’s instructions to customers in the fourth paragraph.)

©2024 Bloomberg L.P.