Microsoft Outage: Microsoft Windows PCs at airports, banks, health services, IT companies, and news outlets worldwide are experiencing the infamous Blue Screen of Death (BSOD), causing machines to either shut down or restart automatically. This widespread issue has caused significant disruptions, but what’s behind it?
The Culprit: CrowdStrike Falcon Update
While some attribute the crashes to the ongoing Microsoft cloud service outage, the BSOD is likely caused by a recent update to CrowdStrike Falcon, a cybersecurity solution used by corporations, government agencies, and media houses like Sky News. The latter was unable to broadcast for a while due to the crashes.
CrowdStrike, a US-based cybersecurity firm founded by former McAfee employee George Kurtz, focuses on helping organizations manage their security and protect sensitive data and systems. It’s important to note that personal Windows PCs are unaffected because CrowdStrike does not sell its solution to retail customers.
CrowdStrike’s Response
In a statement, CrowdStrike CEO George Kurtz acknowledged the issue, stating that the company is actively working to fix the problem. He clarified that a “single content update for Windows hosts” is causing the issue and assured that it is not a cyberattack. The problem is currently limited to Windows, while Mac and Linux users remain unaffected.
CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted. This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed. We…
— George Kurtz (@George_Kurtz) July 19, 2024
What Caused the Crashes?
The recent update to CrowdStrike Falcon, software that has high-level access to systems, is causing the crashes. The affected Windows machines are rendered unusable, making it nearly impossible to release another update to resolve the issue remotely. Consequently, systems affected by the problem will need to be manually updated.
CrowdStrike did not explain why or how the buggy update was pushed but provided a workaround to fix the issue. This manual fix will be a time-consuming process for large organizations with thousands of PCs.
Fixing the BSOD
To fix the BSOD caused by CrowdStrike’s latest Falcon update, follow these steps:
- Boot your Windows PC into Safe Mode.
- Launch File Explorer.
- Navigate to “C:\Windows\System32\drivers\CrowdStrike”.
- Find and delete the file named “C-00000291*.sys”.
- Reboot your PC.
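The same workaround as a script, for administrators repeating it across many machines; this is an added example, not CrowdStrike's or Microsoft's tooling. The function name and its parameters are hypothetical, and it assumes an elevated PowerShell prompt in Safe Mode. It records each matching file before deletion and does nothing destructive on a dry run.

```powershell
# Added example: function and parameter names are hypothetical.
function Remove-FalconUpdateFile291 {
    [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'High')]
    param(
        # Windows directory of the affected installation. Assumption: override
        # this when the affected volume is mounted under another drive letter.
        [string]$WindowsRoot = $env:SystemRoot,
        # File name pattern from the workaround; the asterisk is a wildcard.
        [string]$Pattern = 'C-00000291*.sys'
    )

    $dir = Join-Path $WindowsRoot 'System32\drivers\CrowdStrike'
    if (-not (Test-Path -LiteralPath $dir -PathType Container)) {
        Write-Warning "Directory not found: $dir"
        return
    }

    # -File excludes directories; -Force includes hidden or system files.
    $files = @(Get-ChildItem -LiteralPath $dir -Filter $Pattern -File -Force)
    if ($files.Count -eq 0) {
        Write-Warning "No files matching $Pattern in $dir; nothing to do."
        return
    }

    foreach ($f in $files) {
        # Capture size, timestamp and hash first so there is a record
        # of exactly what was removed from this host.
        $record = [pscustomobject]@{
            Path         = $f.FullName
            Length       = $f.Length
            LastWriteUtc = $f.LastWriteTimeUtc
            SHA256       = (Get-FileHash -LiteralPath $f.FullName -Algorithm SHA256).Hash
            Removed      = $false
        }
        # Honors -WhatIf and -Confirm; prompts by default (ConfirmImpact High).
        if ($PSCmdlet.ShouldProcess($f.FullName, 'Delete file')) {
            Remove-Item -LiteralPath $f.FullName -Force -ErrorAction Stop
            $record.Removed = $true
        }
        $record
    }
}

# Dry run: lists the matching files and their hashes without deleting anything.
Remove-FalconUpdateFile291 -WhatIf
```

Run it again without `-WhatIf` to delete after reviewing the dry-run output, then reboot as in the last step.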
Expert Insight
Omer Grossman, the Chief Information Officer (CIO) at CyberArk, commented on the situation: “The damage to business processes at the global level is dramatic. The glitch is due to a software update of CrowdStrike’s EDR product. This is a product that runs with high privileges that protects endpoints. A malfunction in this can, as we are seeing in the current incident, cause the operating system to crash.”
Understanding the Blue Screen of Death
The Blue Screen of Death is triggered when the operating system calls the “KeBugCheck” API, which is equivalent to a fire alarm and is used as a last resort due to the lack of any other safe options. While there are various reasons behind the BSOD, Microsoft says it is usually caused by faulty hardware or buggy software.
Conclusion
The recent BSOD issue impacting Windows PCs worldwide is a reminder of the critical importance of robust cybersecurity measures and careful software updates. As organizations grapple with the fallout, the manual fixes provided by CrowdStrike will help restore functionality, albeit slowly. Users and administrators are advised to stay informed and take necessary precautions to mitigate such disruptions in the future.