Global Software Fail Is of 'Historic' Proportions

The world got a reminder on Friday of just how vulnerable it is to a tech snafu. Here is the latest on the global computer outage linked to a single company—cybersecurity firm CrowdStrike:

• What happened: It all boils down to a flawed software update by CrowdStrike, one that wreaked havoc on millions of Microsoft Windows devices, reports the Verge. Because CrowdStrike is such a big player in cybersecurity—it has nearly 30,000 customers around the world, including 500 on the Fortune 1000 list—the consequences were widespread.
• The fallout: Banks, hospitals, government agencies, and businesses large and small around the world were knocked offline, and not all had recovered as of Friday afternoon. More than 21,000 flights globally were at least delayed, reports the Wall Street Journal. For a while on Friday, no flights at all were taking off for five US airlines—Allegiant Air, American, Delta, Spirit, and United, though service was being restored by afternoon, notes the New York Times. The AP rounds up some of the less serious concerns: Starbucks customers faced delays in ordering, and some Times Square billboards went dark.

• It's fixed, but: CrowdStrike CEO George Kurtz says the problem was identified quickly—in (very) broad strokes, he describes it as a "negative interaction" between the update and Microsoft's operating system—but he told the Today show "it could be some time for some systems" to recover, per the Guardian. In luckier cases, simply rebooting the system has worked. Kurtz added that he was "deeply sorry" for the mess and that it would take some investigation to figure out how a single failure caused so much trouble. Microsoft CEO Satya Nadella said Microsoft was working with CrowdStrike to get systems back online.
• Scope: "Biggest IT fail ever," declared Elon Musk, and it may not be an exaggeration. "This is historic—we haven't had an incident like this," Mikko Hypponen, a security expert with cybersecurity firm WithSecure, tells the Times. Craig Shue of Worcester Polytechnic Institute sees it as "an 'all our eggs are in one basket' situation," per the AP. "This lets us make sure our 'basket' is high quality: the software provider tries to identify threats and respond to them quickly. But at the same time, if anything goes wrong and the basket fails, we have a lot of broken eggs."
• About CrowdStrike: The company has been around since 2011 and has played a role in investigating some of the world's biggest cyberattacks, including the Russian hack of the Democratic National Committee in 2016. CNN has a primer on the company and its protective software, noting that it "requires deep-level access to a computer's operating system to scan for those threats."

(More Microsoft stories.)