CrowdStrike’s Role In the Microsoft IT Outage, Explained

The major Microsoft IT outage on Friday that grounded flights, sent TV stations off air, and disrupted online hospital systems has been linked to a third party—a cybersecurity technology firm named CrowdStrike. 

CrowdStrike’s CEO George Kurtz has spoken out about the outage, apologizing for the disruption caused. 

As the fallout from the event continues to impact people worldwide, here’s a breakdown of how exactly CrowdStrike is involved and what transpired. 

What caused the Microsoft outage? 

Early Friday, companies in Australia running Microsoft’s Windows operating system started reporting devices showing, what is commonly referred to as, “blue screens of death.” According to Microsoft’s website, this happens “if a serious problem causes Windows to shut down or restart unexpectedly.”

These disruptions then spread rapidly, impacting companies and communities around the world. The U.K., India, Germany, the Netherlands, and the U.S., reported disruptions. Meanwhile,  United, Delta, and American Airlines issued a “global ground stop” on all flights.

The cause of this outage came from a faulty update from CrowdStrike, deployed to computers running Microsoft Windows. The issue was specifically linked to Falcon, one of the companies main products, which does not impact Mac or Linux operating systems.

Launched in 2012 CrowdStrike’s cybersecurity software is now used by 298 of Fortune 500 companies, including banks, energy companies, healthcare companies, and food companies. 

How has CrowdStrike responded to the outage felt worldwide?

Appearing via a video link on The Today Show on Friday, CrowdStrike’s CEO delivered an apology to the public:

“We're deeply sorry for the impact that we've caused to customers, to travelers, to anyone affected by this, including our companies,” Kurtz said. “That update had a software bug in it and caused an issue with the Microsoft operating system...we identified this very quickly and remediated the issue.”

Kurtz was clear that this was not a cybersecurity issue nor an attack of any kind, but an issue coming from inside the company.

Though they’ve deployed the changes necessary to help remedy the issue, customers are still having issues, and it may be some time before systems across the globe are all fully operational.

In a statement emailed to TIME, CrowdStrike said that they are “actively working with customers impacted by a defect found in a single content update for Windows hosts.”

They also clarified, once more, for those concerned that the issue is not a security incident, and that the problem has been “identified, isolated, and a fix has been deployed.”

Kurtz has also shared this information on his personal X (formerly Twitter) account.

Microsoft 365 posted on  X that the company was “working on rerouting the impacted traffic to alternate systems to alleviate impact” and that they were “observing a positive trend in service availability.”

TIME has reached out to Microsoft 365 for further comment.

On The Today Show segment, Kurtz said that CrowdStrike has been on the phone with customers all night, and that the issue was resolved for many when they rebooted their systems.However, he says the company will not “relent until we get every customer back to where they were and keep the bad guys out of their systems.”

If hosts are still crashing and unable to stay online to download CrowdStrike’s fix, the company has provided a workaround to the issue on its blog