Global chaos erupts as Windows security update goes bad
The vast majority of corporate IT worldwide is struggling on Friday morning, with things as mundane as point-of-purchase, and as complex as flight management not working because of a bad Windows security patch by security firm CrowdStrike.
An unknown number of Apple Pay terminals are affected by the Microsoft outage worldwide
While the failure is confined to Windows systems, it's significantly worse than previous Microsoft outages, because of the scale. American Airlines, Delta, and United, each grounded all aircraft, according to BBC News, TV stations including MTV, VH1, CMT, Sky News, and ABC News Australia went off air.
What's directly affecting Apple users is that there are now reports of supermarkets around the world having problems accepting Apple Pay and other contactless payments. This will be because they are using Windows-based terminals, but it's not clear either how widespread this issue is, nor why it isn't affecting all users.
The outage was caused by a software update by security firm Crowdstrike. The company has issued a brief statement saying that it was one issue in an update, and that "this is not a security incident or cyberattack."
"CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts," continues the statement. "Mac and Linux hosts are not impacted."
"The issue has been identified, isolated and a fix has been deployed," says the company.
Crowdstrike has not given a timescale for when the fix will be adequately rolled out worldwide. At present, the issue is continuing, and at time of writing, Apple Pay has been seeing a spike in outages, presumably because of it.
Read on AppleInsider
Comments
A number of books have been written on the anticipated failure of complex systems, sometimes looking at telecommunications or power delivery.
It's touch and go for the meeting which is scheduled to start in 30 minutes.
It is more likely they'll wait for the fix from Crowdstrike to flush through the systems.
Global automated updates should be rolled out in phases to catch these glitches before they become wildfires.
I see some airlines still have boarding cards that can be handwritten for the lucky ones who have been able to get off the ground.
EDIT: meeting postponed.
If your systems permeate the fabric of the internet (in the deployment sense), the scope for trouble is there but everyone (first or third party) should have resilience designed into their systems.
Crowdstrike says this is the result of a botched update as opposed to a security or cyber attack situation but having it propagate so far and so quickly has to be looked at and resolved.
Any vendor could be hit by botched processes so that includes Apple, Meta, Google, Microsoft, Amazon Huawei etc in the deployment sense and the likes of Cloudfare in an infrastructure sense.
I suppose using a third party solution might even be favorable in some situations.
Luckily, these situations don't usually hit the headlines very often but some might ask 'how much of that is literally down to 'luck' itself?
Could have been worded better. People are already blaming Windows...this headline doesn't help.
across multiple industries, I think we are now seeing the advantages of vertical integration. Apple has been a champion of vertical integration for a long time, but now we are also seeing how formerly integrated companies are crashing and burning when they give up control of key product components — ie Boeing.
Apple was different the hardware and software came bundled together so they worked seamlessly.
There was one time in Apple's history where they almost became extinct and that when Mr Pepsi Cola - some idiot that Steve Jobs hired from the soft drink company to manage the company - licensed the Apple OS and a builder in Texas I believe put together the hardware and then slapped on the Apple OS. That relationship lasted as long as a one-night stand.
Long story short, Mr Pepsi Cola forced Steve Jobs out, Jobs created Next on top of Unix. Apple floundered, MS tipped $150 million into Apple, Steve came back resurrected the company on top of the Unix Shell with the Mac interface. And from the Bondi Blue Mac and the iPod and as they say the rest is history. Apple is, IMO, due to become a $5 Trillion company.
Microsoft's O/S was some rubbish that Ms Gates purloined from a guy in Seattle. It has always been sheit. Full of security holes, bugs you name it. MS ought to have dumped the whole kit and caboodle, and become what they have proven to be good at, Cloud. My Nutella's specialty. Except good old Windows has opened up a breach into the cloud and scuttled the works.
I am no big fan of Android but it is heads and shoulders above Windows.
Perhaps MS needs to team up with Google and license Android to run their PCs and Azure to manage the Cloud.
Otherwise there will be days like these.
Outside Apple: We need access to the secure enclave
Tim: No
Outside Apple: We need access to the the inner workings of Apple Pay
Tim: No
Outside Apple: We need access to ..., you're anti-competitive....
Tim: No we are NOT and this is why we lock down our systems and maintain such a high level of CONTROL. Now go pound sand.
Apple has famously deleted user data basically with a flick of a switch. That turned out to be pure slopiness. Again, it shouldn't happen but sometimes it does.
The extent of an exploit, bug, glitch or whatever is always going to be dependent on the extent of the deployment platform. This one has had a tsunami effect because of that.
It's probably completely untrue but some will gleefully proclaim that maybe it was just as well it was a third party because if it were first party (Microsoft) more such cases would be the order of the day. LOL.
It seems Microsoft does a pretty good job with its corporate/server/cloud solutions but I have no idea if that is really the case of if it is all a house of cards waiting to collapse.
“Several reboots (as many as 15 have been reported) may be required, but overall feedback is that reboots are an effective troubleshooting step at this stage,"
In the mid nineties I was pushing to get Apple into education systems here (an area of 7 million people) but any deployment would hinge on local language support which Apple wasn't interested in providing.
OSX brought POSIX compliance but by then it was impossible to compete with an entrenched Windows ecosystem and the illegal practices of Microsoft to lock customers into their systems.
One potentially huge issue for Apple's rumoured car adventure was committment and long term software support. Apple has never been into either.
Lastly, I suppose we can add a third process issue too. Companies that place their critical business IT assets or infrastructure in the hands of a third party service provider without establishing internal guardrails, i.e., fully trusting that the service provider will save them from harm with no responsibility on their side, are operating at a higher level of risk. While some of these service providers do provide compensation for financial losses due to service disruptions, the company that owns the system is putting its own reputation on the line because their customers will only blame the company for disruptions, not the third party service provider.
Huh?!
"Kurtz said “it could be some time for some systems” to return to normal, stressing that they would not “just automatically recover”."
IT support at large corporations is being overwhelmed and while manual intervention would have allowed my meeting to go ahead, IT procedures don't allow for it. We couldn't switch to a tablet solution either because everything needs to be approved beforehand. Everything has to be done by the book.
I have another video conference with a Japanese multinational which is still planned to go ahead later today. Fingers crossed.