On July 19th, the Windows system experienced a global malfunction, affecting multiple regions including the United States, Japan, the United Kingdom, Mexico, India, New Zealand, Australia, and India. Among them, the train location information of West Japan Railway Company (JR West) could not be obtained due to the Windows system malfunction, and Australian airlines, banks, government networks, enterprises, supermarket automatic cash registers, etc. were also affected.
A reporter from China Business Daily noticed that many users in China have also encountered issues related to Microsoft system blue screen failures. The topic of "Thank you Microsoft, early vacation" has also become a hot search topic. According to Weibo images posted by many netizens, Windows system computers have blue screen images, many of which have "csagent. sys" errors. Some network engineers have said that the problem is with the antivirus platform CrowdStrike, which has led to this global "disaster".
On overseas social platforms such as X (formerly Twitter), there are also a large number of users reporting blue screens on the Windows system. A netizen jokingly said, "If you get this on your Windows computer... you're not alone... the whole world is getting it today
As of press time, Microsoft's Global Chief Communications Officer Frank X. Shaw has released an official statement stating, "Earlier today, an update to CrowdStrike caused multiple IT systems to malfunction, and we are actively assisting our customers in restoring service
Previously, US antivirus software company Crowdstrike announced that it had received numerous reports of blue screens on Windows computers. Due to widespread system failures, operations of airlines, banks, and other businesses around the world have been affected. CrowdStrike CEO George Kurtz stated that the company has identified the updates that caused the global Windows system crash and has deployed fixes.
Windows system crash: widespread impact
On July 19th local time, some applications and services under Microsoft Corporation experienced issues such as access delays, incomplete functionality, or inability to access.
On that day, various fields such as aviation, railways, banks, enterprises, media, and hotels in multiple countries were affected by the Windows system crash.
According to foreign media reports, the Federal Aviation Administration of the United States stated that all flights of three American airlines, including United Airlines, were grounded on the morning of July 19th due to communication issues. Multiple airports in the UK have experienced flight delays and some flights have been cancelled. Edinburgh Airport has experienced service interruptions due to screen malfunction. British Rail has warned passengers of potential transportation disruptions. The London Stock Exchange's website has also experienced issues, and most general practitioners in England have experienced disruptions in their medical consultations.
In Germany, Berlin Brandenburg Airport reported technical barriers and delays in boarding procedures. Airports, banks, and communication companies in Australia have also been affected. The digital service systems of dozens of hospitals in Israel have been temporarily suspended. In addition, airports or banking systems in multiple countries such as South Africa, Czech Republic, Japan, South Korea, Belgium, New Zealand, and Singapore have also reported varying degrees of impact.
In addition, according to Hong Kong media reports, on the afternoon of July 19th, the Hong Kong Airport Authority stated that due to a Microsoft system malfunction, affected airlines at Hong Kong Airport will have to switch to manual registration procedures.
In mainland China, multiple related topics such as "Microsoft Blue Screen", "Thanks to Microsoft, Early Holiday", and "Microsoft Customer Service Responds to Blue Screen" have become hot searches.
A person working in a foreign company told reporters, "This afternoon, several colleagues in the office reported that there was a problem with my computer, and then my computer also showed a blue screen. However, my computer quickly recovered, but a large number of colleagues reported that the computer was on strike and couldn't even turn on
Hilton Group's Shanghai Lujiazui Xinmei Hilton also responded that there is a problem with the Windows system.
It is understood that the blue screen fault, also known as the Stop code issue, automatically shuts down the Windows system to protect the system when a serious problem occurs.
CrowdStrike: Deploying Solution
According to multiple foreign media reports, the global failure of the Windows system was mainly caused by CrowdStrike. Microsoft has also issued a statement stating that an update to CrowdStrike caused multiple IT systems to malfunction.
According to relevant information, CrowdStrike is a network security service provider headquartered in California, USA, founded in 2011 by George Kurtz, former Chief Technology Officer of computer security provider McAfee, and Dimitri Alperovitch, former Vice President. The company provides network security solutions, including the use of IOCs (Indicator of Computation) and machine learning to detect known and unknown malware, as well as the use of IOA (Indicator of Attack) to identify more complex threats.
And most of the hardest hit areas in this recruitment are foreign enterprise users who have installed CrowdStrike. According to US media reports, this global crisis is expected to affect millions of users.
In the view of a domestic security software expert, the occurrence of this malfunction may be due to the high probability of being hit by CrowdStrike security software. This security software has a high market share in Europe and America, but a very low market share in China. It is estimated that some foreign companies in China have installed this security software as required by their headquarters.
Subsequently, George Kurtz also issued a statement on X stating that this was not a security incident or cyber attack, and that the related issues have been identified, isolated, and fixed. The company is actively working with affected customers.
CrowdStrike has warned customers that its Falcon Sensor threat monitoring product has caused Microsoft Windows operating system crashes. At the same time, Microsoft Azure cloud services have also experienced interruptions, resulting in IT disruptions that have put global enterprises in a difficult situation.
Currently, Microsoft has stated that the root cause of the global disruption has been resolved, but the residual impact of network security disruptions continues to affect certain Office 365 applications and services.
The security software experts mentioned above analyzed to reporters that there may be two main reasons for the large-scale user Windows system failure this time: one is that CrowdStrike has recently received driver updates, and the other is that CrowdStrike has not been updated. Windows has been updated (Microsoft recently released a security update in July, and enterprise users often upgrade a few days later), resulting in previously compatible drivers being incompatible, but the responsibility lies with the problems with CrowdStrike's drivers.
After investigation, it has been confirmed that the blue screen malfunction in this cycle was caused by CrowdStrike's previous update release, and the company has now withdrawn the update. And domestic security software has also experienced incidents of system blue screens, but the impact was not as significant.
In addition to security software, malicious software often loads some drivers, and there are even more cases of blue screens. "This security software expert reminds that security software must be constantly developed, modified, tested, and modified, and a driver update often takes weeks or months.
It is worth noting that this is not the first time Microsoft Cloud Services has experienced a large-scale outage. In January of this year, Microsoft's cloud services experienced a global outage, affecting a range of services from Outlook to Teams. Microsoft attributed this to changes in network configuration at the time.
Wang Liejun, a cybersecurity incident response expert and head of the Threat Intelligence Center at Qianxin, said that the large-scale interruption of Microsoft services this time reminds the industry and users that even very mature technology platforms may encounter unexpected failures. It can be seen that business stability and network security are not only technical issues, but also management and strategic issues that require comprehensive consideration of various factors.
Triggering a deeper discussion on 'autonomy and controllability'
According to StatCounter data, in terms of global market share, the market share ranking of desktop operating systems is Windows macOS、Linux、Chrome OS、FreeBSD。 By the end of 2023, 7 out of every 10 desktop operating systems worldwide (72.72%) will be installed with Microsoft's Windows system.
It is worth noting that in this Microsoft incident, China's public service facilities were not affected, and the relevant domestic operating systems performed as usual.
And this has also sparked discussions in China about having autonomous operating systems and ecosystems.
In the eyes of some industry insiders, it is necessary to promote and popularize domestic operating systems, especially for key enterprises and industries.
The castle built on the beach looks big and beautiful, but it could collapse at any time, "a domestic software industry insider told reporters about the thinking behind the incident." The source code is in someone else's hands and is not open to us, and any situation can happen.
Although domestic operating systems started late and have a low market share, they have also made rapid progress in recent years with policy support and industry efforts. According to the Ministry of Industry and Information Technology, the scale of China's operating software industry has exceeded 10 trillion yuan. According to the latest data released at the 2023 China Operating System Industry Conference, as of now, the number of software and hardware adaptations for China's operating system ecosystem has exceeded 5 million, an increase of 400% compared to the same period last year. The domestic operating system ecosystem has entered a period of explosive growth.