>>21244271
>I think there's a misunderstanding of the significance of this habbening
>News unlocks the map
"Overwatch"
CrowdStrike Windows Outage—What Happened And What To Do Next
Kate O'Flaherty
Senior Contributor
Cybersecurity and privacy journalist
1
Jul 19, 2024,04:35am EDT
A CrowdStrike update is breaking computers running Windows, causing them to crash and display the blue screen of death. Across industries, companies around the world haven’t been able to reboot, according to reports. Firms affected by the outage include Sky News, which has been unable to broadcast.
Concerned users have taken to forums such as Reddit to report the issue, with one user saying: “Wow, stuck in a boot loop, and entire org taken out.”
So if you got into work this morning and were met by, frankly, carnage, know that you are not alone. Here’s what happened and what to do next.
What Happened
As you might have gathered, an issue with CrowdStrike cybersecurity software is causing the widespread global issue. Engineers at the company said they are working on the issue, which affects its Falcon Sensor product. CrowdStrike calls Falcon “the CrowdStrike platform purpose-built to stop breaches via a unified set of cloud-delivered technologies that prevent all types of attacks—including malware and much more.”
The IT outage has affected airports, businesses and broadcasters, according to the Sky News website. Planes have been grounded in the U.S., trains in the U.K. are impacted, as well as boarding scanners at Edinburgh airport in Scotland.
Microsoft said it is taking “mitigation actions” after service issues itsaid started at about 6 p.m. Eastern Time. The company says it is investigating issues with cloud services in the U.S. and “an issue impacting several of its apps and services,” Sky News reported.
“We're aware of an issue affecting Windows devices due to an update from a third-party software platform,” a Microsoft spokesperson said, adding: “We anticipate a resolution is forthcoming.”
While initial reports focused on a dodgy update, a user named Brody, who is director of CrowdStrike Overwatch, posted on X (formerly Twitter) that it is “a faulty channel file, so not quite an update.”
There is a workaround, he added.
-
Boot Windows into Safe Mode or WRE.
-
Go to C:WindowsSystem32driversCrowdStrike
-
Locate and delete file matching "C-00000291*.sys"
-
Boot normally.
At 5:45 a.m. ET, CrowdStrike CEO George Kurtz posted on X, confirming the issue is not a cyberattack and was caused by a botched update.
“CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted. This is not a security incident or cyberattack,” Kurz wrote, adding that the issue has been “identified, isolated and a fix has been deployed.”
“We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website,” he added. “We further recommend organizations ensure they’re communicating with CrowdStrike representatives through official channels. Our team is fully mobilized to ensure the security and stability of CrowdStrike customers.”