Tom Warren, reporting for The Verge:

Thousands of Windows machines are experiencing a Blue Screen of Death (BSOD) issue at boot today, impacting banks, airlines, TV broadcasters, supermarkets, and many more businesses worldwide. A faulty update from cybersecurity provider CrowdStrike is knocking affected PCs and servers offline, forcing them into a recovery boot loop so machines can’t start properly. The issue is not being caused by Microsoft but by third-party CrowdStrike software that’s widely used by many businesses worldwide for managing the security of Windows PCs and servers.

Australian banks, airlines, and TV broadcasters first raised the alarm as thousands of machines started to go offline. The issues spread fast as businesses based in Europe started their workday. UK broadcaster Sky News was unable to broadcast its morning news bulletins for hours this morning and was showing a message apologizing for “the interruption to this broadcast.” Ryanair, one of the biggest airlines in Europe, also says it’s experiencing a “third-party” IT issue, which is impacting flight departures.

Here’s what happened: CrowdStrike, which makes Falcon, some kind of antivirus software for businesses, released a faulty update to the program which contains a corrupted file, called “C-00000291*.sys,” that forces Windows into a boot loop. The result is practically every commercially used Windows computer in the world receiving the update over the air and being plunged into blue screens saying that Windows is unable to launch. And the imagery is marvelous. Take a look.

I’m extremely perplexed why this software is allowed to update without manual intervention, or why CrowdStrike — evidently a technically inept company — doesn’t use staged rollouts for software that 500 of the top 1,000 companies use. App developers with 30 sales a week use staged rollouts so that if an issue is identified, the update can be recalled before it is downloaded to every device — but CrowdStrike clearly didn’t have the intuition to do this.

It’s also idiotic that these mission-critical computers are (a) connected to the internet at all, and (b) not running Linux. I understand that some machines need internet access to collect data, but airport arrivals screens, point-of-sale terminals, and other displays only need information, not internet access. They should instead be connected to a Linux computer using some sort of protected virtual private network with no third-party software, and those computers shouldn’t be updated automatically — the updates should always be verified by a trained IT department.

The amount of stupidity and callousness exhibited by every company impacted by this outage is unbridled. It isn’t just CrowdStrike’s fault: How is one singular file on a computer allowed to take down the entire operating system? Why doesn’t Windows have checks for rogue applications like this? How is one configuration file allowed to throw the entire computer into a boot loop and why isn’t it automatically killed by the system? Mac apps run in sandboxed environments unless they’re given explicit permission to run independently — which nobody should ever do.

Clearly the entire team at CrowdStrike that manages pushing out updates to important software should be fired. So should the leadership team.