Cyber Security Blog

Blue Screen of Death: Live Timeline of the Microsoft Outage & Impact

Written by Aditi Uberoi | 19 July 2024

The world literally came to a stop on Friday morning as Microsoft users worldwide experienced a massive outage. With computers worldwide showing the 'Blue Screen of Death' or BSOD error, flights got cancelled, Live News channels went offline, services at London Stock Exchange got disrupted. What is exactly happening, what's the extent of the global impact and how does this issue get resolved?  

Join us as we attempt to make sense of this global disruption in our LIVE Timeline. We'll be updating this document with the latest updates as the incident unfolds, more impacted organisations emerge, response steps are undertaken and more. Bookmark this page for live updates every 30 minutes! Don't forget to Check our LIVE, Crowd-Sourced Document with live updates on the BSOD error outage, impact and yes, some light-hearted reactions too.  

What's the Global Blue Screen of Death Crisis All About?   

  • Windows PCs worldwide started displaying the 'Blue Screen of Death' (BSOD error), rendering them unusable. Systems either abruptly shut down or restart when the Blue Screen appears. 

  • Microsoft says that a recent CrowdStrike update is the root cause of this outage. 

  • CrowdStrike, apparently, acknowledged the issue in an automated support reply: "CrowdStrike is aware of reports of crashes on Windows hosts related to the Falcon Sensor. Symptoms include hosts experiencing a bugcheck/blue screen error related to the Falcon Sensor. Our Engineering teams are actively working to resolve this issue, and there is no need to open a support ticket."

  • The world’s biggest companies, including airlines, TV stations, railways and banks have been impacted. Services at Visa, Amazon, ADT security, news outlets in Australia and airlines including American Airlines, Delta, Air France, Air India have been impacted amongst many others. 

  • Tracking website Down Detector registered outages and problems at a vast number of companies including Delta Airlines, Mastercard, Lloyds Bank, Santander, RyanAir, Sky News, Ladbrokes, BT, and Microsoft Teams. 

  • With banks and payment systems being hit, petrol pumps and supermarkets were affected. 

  • Organisations worldwide that rely on Microsoft teams, chat functionality, Windows OS etc. have experienced a major operational disruption. 

  • Govia Thameslink Railway – the UK’s busiest train operator, which runs the Southern, Thameslink, Gatwick Express and Great Northern services around London – said that it was experiencing “widespread IT issues”.

  • RyanAir said it was a “global third party IT outage” and advised travellers to arrive “at least three hours before” their flights, as did many other airlines in India and the United States.

    An Indian airline passenger shares an image of his hand-written Boarding Pass as major airlines across the world experience service disruptions 
  • Several major oil and gas trading desks in London and Singapore were struggling to execute trades due to the cyber outage.

  • GP surgeries in England also said they were unable to access patient records or book appointments.

  • More than 1,000 flights have been cancelled worldwide - but American Airlines are saying flights are now resuming again.

  • Mercedes F1, sponsored by CrowdStrike, has also been impacted with a spokesperson confirming that the problems caused by outage are being manually addressed on each computer.

  • The issue has also been reported to impact the machinery utilised by Mercedes' engine partners McLaren, Aston Martin, and Williams. “We are working closely with our partners at CrowdStrike to mitigate any impact,” Mercedes’ spokesperson confirmed. 

  • CrowdStrike's shares are now, apparently, down by more than 20% in unofficial trading in the US - equal to a $16bn loss in value. 
     

Back to Top

Microsoft's Response and Updates

  • Microsoft said on Friday morning that it was continuing to address the "lingering impact" of its 365 applications and services that are in a "degraded state". 

  • Microsoft said the outage started on Thursday, with customers experiencing issues with multiple Azure services. Azure is a cloud computing platform that provides services for building, deploying, and managing applications and services. For businesses navigating cloud disruptions, engaging with Microsoft Azure consulting services can help optimise cloud infrastructure and ensure resilience during such outages. A configuration change within the backend infrastructure of Azure was likely behind the outage, a few media reports suggested.

  • On its Azure cloud software status report site, Microsoft said the service experienced "failures with service management operations and connectivity or availability of services.” While the cause, exact nature and scale of the outage was unclear, Microsoft appeared to suggest that the situation was improving.   

  • A spokesperson for Microsoft said there appear to have been two different and non-related issues. One was linked to its Azure cloud service that is likely close to being fully resolved, and one was related to cybersecurity-software company Crowdstrike. "We are working to restore services for those still experiencing disruptions as quickly as possible. Separately we're aware of an issue affecting Windows devices due to an update from a third-party software platform. We anticipate a resolution is forthcoming," the spokesperson said.




  • CrowdStrike said on Friday noon that the problem has been "identified, isolated and a fix has been deployed".

What Can You Do if You've Been Impacted?

  • If you're amongst the affected users, you may see messages such as, "Windows has been shut down to prevent damage to your computer," or similar notifications.

  • These errors can be triggered by both hardware and software issues.

  • Microsoft has advised users who have recently installed new hardware and are encountering Blue Screen errors to shut down their PCs, remove the new hardware, and attempt a restart.

  • If restarting is difficult, you might try to start your PC in safe mode. Detailed instructions for starting a PC in safe mode can be found on the official Windows support website. Go to C:\Windows\System32\drivers\CrowdStrike directory. Find the file with the name “C-00000291*.sys" and delete it. Boot your windows normally.

Back to Top