Airline passengers found themselves stranded at airports as thousands of flights were canceled. Hospitals had to turn away patients with routine appointments. Shoppers encountered self-checkout terminals showing the notorious Blue Screen of Death, indicating Windows failures. Even the organizers of the upcoming Paris Olympics faced delays in the delivery of uniforms.

The disruption stemmed from a Windows update issued by security firm CrowdStrike. In a blog post, the company explained that the issue was identified and resolved by 6 a.m. Friday, but the damage had already spread worldwide. CrowdStrike CEO George Kurtz apologized on NBC’s “Today” show, promising to ensure every customer fully recovers. Many systems are on the mend, but some may take longer to return to normal.

Early effects were visible at airlines. Budget carriers Frontier and Sun Country disclosed disruptions early Friday, which soon spread to major airlines globally. By 6:30 p.m., over 4,400 flights had been canceled worldwide, with more than 2,700 in the U.S., according to FlightAware.com. Over 40,000 flights were delayed, including more than 10,000 U.S. flights. United Airlines reported impacts on several key systems, including those for check-in, aircraft weight calculation, and call center operations.

John Cox and his wife spent more than a day at Reagan National Airport trying to fly home to North Carolina. Their flight to Charlotte was rescheduled from 10:17 a.m. Friday to noon Saturday. “It completely derailed our plans,” Cox said, lamenting the additional expenses incurred.

By Friday morning, the effects extended to various industries and government agencies. Medical providers from the U.S. to Israel lost access to electronic medical records, and some hospitals postponed elective procedures. Mass General Brigham in Massachusetts canceled all non-urgent visits, while emergency departments remained operational. Alison Baulos’ father, Gary Baulos, had his heart surgery canceled at Baptist Health Hospital in Paducah, Ky. After a night in a nearby hotel, they were informed at 3:30 a.m. that the procedure was postponed. Despite the inconvenience, Gary Baulos remained calm, suggesting breakfast at IHOP.

Danielle Carzell, a 35-year-old from Atlanta, had anticipated her hip replacement surgery for months but was told at Emory St. Joseph’s Hospital that it would be rescheduled. “I just want to play with my 5-year-old,” she said, expressing frustration over the delay.

Television stations in several countries were knocked off the air. In Australia, ABC News showed a special report on Sydney airport disruptions instead of the usual evening update.

Emergency services also faced issues. The Alaska State Troopers reported 911 call center malfunctions starting at 9 p.m. Thursday, with service restored by 4 a.m. Friday after switching to analog systems.

Federal officials scrambled to assess and assist with the situation. Anne Neuberger, a security adviser to President Biden, began her day on a call with the White House situation room, evaluating the impact on government systems and the economy. “It highlights the interconnected and digital nature of our economy and national security,” Neuberger said at the Aspen Security Forum. A White House official stated that Biden was briefed on the outage and that the administration was in touch with CrowdStrike and affected entities. Transportation Secretary Pete Buttigieg told CNBC that while recovery was underway, the episode should prompt reflection on the country’s vulnerability to technical problems. “We’re in a new era of risks,” Buttigieg said, anticipating extensive after-action assessments once operations normalize.

This outage is the latest in a series of recent computer security issues and service disruptions. Bruce Schneier, a security expert at the Harvard Kennedy School, commented on the fragility of the online world as companies prioritize efficiency over resiliency. “This is one of hundreds of essential companies you’ve never heard of that keep the internet running,” Schneier said, comparing the situation to a precarious house where nailing a picture could cause collapse.

CrowdStrike’s software is widely used globally by businesses to protect against hackers. The problems Friday only affected computers running Microsoft’s Windows, leaving Apple and Linux systems unaffected. Windows, which powers hundreds of millions of personal PCs, also runs the critical systems behind airlines, digital payment networks, emergency call centers, and more. Microsoft CEO Satya Nadella stated on X that his company was collaborating with CrowdStrike and Windows users to provide technical guidance and support for safe system recovery.

The faulty file causing the outages was timestamped at 12:09 a.m. Eastern time Friday, CrowdStrike said. An unrelated Microsoft outage on Thursday compounded the issues.

The scale of Friday’s impacts surprised experts, even in a year of significant cyber incidents. Chris Cummiskey, a cybersecurity expert, noted that while CrowdStrike is regarded as a leader in cyber protection, this event might prompt a review of their practices. “A single button shouldn’t trigger a global meltdown,” Cummiskey said.