On July 19, a worldwide outage of Windows machines occurred, disrupting hundreds of facilities and businesses. The affected facilities and businesses included but were not limited to airlines, banks, ATM services, trading desks, media outlets, police agencies, fire departments, hospitals and parliament systems. In total, an estimated 8.5 million machines were affected globally.
The outage was traced to cybersecurity company CrowdStrike, specifically to its antivirus platform, Falcon. An update to the Falcon software was pushed to Windows machines without proper vetting: an error in CrowdStrike's testing system allowed the update to ship even though it contained faulty content.
On the client side, users were met with “blue screens of death,” otherwise known as BSODs, meaning the Windows operating system encountered an error it could not recover from and forcibly shut itself down. Typically, a Windows machine can be restarted after a BSOD, giving the user a chance to remedy the cause of the fatal error.
CrowdStrike withdrew the update and pushed a fix that would download automatically once a machine was able to connect to the internet. However, some machines could not stay operational long enough to download the fix, so users had to boot into Safe Mode (a mode that limits the features of Windows to make operating-system problems easier to repair) and manually delete the update files. This had to be done individually on each machine that could not reach the internet.
The exact cause of the error was revealed to be a null pointer dereference within one of the update’s files. This sort of fatal error occurs when a program attempts to read or write through a pointer that does not point to valid memory. Ordinarily, a program that dereferences a null pointer crashes, and only that program is lost. CrowdStrike’s software, however, includes drivers that run with kernel privilege, the highest privilege software can have on a computer, in the same address space as the operating system itself, so when the driver faulted, the whole machine failed. Because these drivers are loaded during the boot process, many machines could not even boot without immediately hitting a BSOD.
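To make the failure mode concrete, here is a small added example in C, not CrowdStrike's code and not the Falcon file format. It models a lookup table of constructed "channel file" entries in which a missing entry, or an entry whose content pointer is null, stands in for the bad data described above. The unchecked consumer dereferences whatever the lookup returns; the hardened consumer validates every pointer and returns a distinct error code so the caller can fail closed instead of crashing. All names, the table and its contents are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed example: a tiny table of "channel file" entries, each a
   name plus a pointer to its content. A NULL content pointer stands in
   for the kind of unexpected data that led to the crash in the text.
   This is not CrowdStrike's format or code. */
typedef struct {
    const char *name;
    const char *content;
} channel_entry;

static const channel_entry constructed_table[] = {
    { "rule-1", "match=foo" },
    { "rule-2", NULL },        /* constructed: content missing */
};

/* Returns the matching entry, or NULL when the name is unknown. */
static const channel_entry *lookup(const char *name) {
    size_t count = sizeof constructed_table / sizeof constructed_table[0];
    for (size_t i = 0; i < count; i++)
        if (strcmp(constructed_table[i].name, name) == 0)
            return &constructed_table[i];
    return NULL;
}

/* Unchecked consumer: dereferences the entry and its content pointer
   unconditionally. With "rule-2" or an unknown name it would read
   through a NULL pointer. In a user-mode process that kills only the
   process; in a kernel driver it halts the whole machine. Shown for
   contrast; only called with valid input below. */
size_t content_length_unchecked(const char *name) {
    const channel_entry *e = lookup(name);
    return strlen(e->content);
}

/* Error codes for the hardened consumer (assumed names). */
enum {
    CL_OK = 0,
    CL_ERR_NOT_FOUND = -1,
    CL_ERR_NO_CONTENT = -2,
    CL_ERR_BAD_ARG = -3
};

/* Hardened consumer: every pointer is validated before it is used, and
   a distinct error code tells the caller exactly what was wrong. */
int content_length_checked(const char *name, size_t *out_len) {
    if (name == NULL || out_len == NULL) return CL_ERR_BAD_ARG;
    const channel_entry *e = lookup(name);
    if (e == NULL) return CL_ERR_NOT_FOUND;
    if (e->content == NULL) return CL_ERR_NO_CONTENT;
    *out_len = strlen(e->content);
    return CL_OK;
}

int main(void) {
    const char *names[] = { "rule-1", "rule-2", "rule-9" };
    for (size_t i = 0; i < 3; i++) {
        size_t n = 0;
        int rc = content_length_checked(names[i], &n);
        if (rc == CL_OK)
            printf("%s: %zu bytes\n", names[i], n);
        else
            printf("%s: rejected (code %d), pointer never dereferenced\n",
                   names[i], rc);
    }
    return 0;
}
```

The point of the hardened version is that input arriving from an update channel is treated as untrusted: the loader rejects a malformed entry with an error code rather than letting a bad pointer reach a dereference, which is the difference between logging a rejected file and taking the machine down.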
The resulting outage has been called the largest IT outage in history, causing Fortune 500 companies to lose more than $5 billion. More specifically, the healthcare and banking sectors lost around $3 billion combined, and airlines lost a combined $860 million. The company now faces a class-action lawsuit from its investors, who claim that it misled them about the quality of its Falcon software. Delta Air Lines has also made clear its intent to sue over a claimed $500 million loss.