CrowdStrike, a leading cybersecurity platform, is experiencing a worldwide outage affecting numerous users. The issue, originating from a technical error in CrowdStrike’s main product, Falcon, has led to the dreaded Blue Screen of Death (BSOD) on Windows PCs. This error is impacting users worldwide, including in countries such as the USA, Germany, India, Japan, Canada, Australia, and others.
The Falcon Sensor, a key component of CrowdStrike’s cybersecurity suite, is designed to protect systems by monitoring and responding to threats in real-time. However, a recent update has caused this critical tool to malfunction, leading to system crashes and boot loops on Windows machines. A boot loop occurs when a computer repeatedly restarts, failing to load the operating system.
Users have flocked to social media platforms like Reddit and Twitter to report these issues. One user highlighted the widespread nature of the problem, stating, “We’re seeing BSOD Org wide that are being caused by csagent.sys, and it’s taking down critical services.”
This outage has been a technical inconvenience and has severely disrupted business operations worldwide. Major companies, including banks, airlines, and media firms, have reported system failures that locked employees out of their devices. Affected entities like Nine, Deloitte, Qantas, and Woolworths are grappling with the fallout.
In some countries, such as the United Kingdom and the Netherlands, hospitals and medical institutions have had to scale back their operations because of inaccessible systems. Brands such as Wetherspoons cannot take customer payments through credit cards, leaving customers to pay with cash.
As far as blunders go, this one is up there with the all-time greats. A page on Wikipedia titled “2024 CrowdStrike incident” is documenting this incident in real-time, highlighting the major services and brands affected.
CrowdStrike’s response
CrowdStrike has acknowledged the issue, and engineers are working to resolve it. In a pinned thread in its Reddit discussion board, a CrowdStrike representative posted, “We have widespread reports of BSODs on Windows hosts, occurring on multiple sensor versions. Investigating cause. TA will be published shortly.”
They later provided a workaround to mitigate the problem, instructing users to delete a specific file from the system directory.
Workaround Steps:
-- Boot Windows into Safe Mode or the Windows Recovery Environment
-- Navigate to the C:\Windows\System32\drivers\CrowdStrike directory
-- Locate the file matching “C-00000291*.sys”, and delete it.
-- Boot the host normally.
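The deletion step above as a script, for hosts where Safe Mode gives you an elevated PowerShell prompt. This is an added example, not CrowdStrike's own tooling: the function name `Remove-FalconWorkaroundFile` is hypothetical, and the directory and file pattern are the ones given in the steps. It records each matching file's size, timestamp and SHA-256 before deleting it, so there is evidence of what was removed from each host.

```powershell
# Added example (not CrowdStrike's script). Run elevated, in Safe Mode.
function Remove-FalconWorkaroundFile {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        # Defaults are the directory and pattern named in the workaround steps.
        [string]$DriverDir = 'C:\Windows\System32\drivers\CrowdStrike',
        [string]$Pattern   = 'C-00000291*.sys'
    )

    if (-not (Test-Path -LiteralPath $DriverDir -PathType Container)) {
        Write-Warning "Directory not found: $DriverDir"
        return
    }

    # -File skips directories; -Force includes hidden or system files.
    $found = @(Get-ChildItem -LiteralPath $DriverDir -Filter $Pattern -File -Force)
    if ($found.Count -eq 0) {
        Write-Warning "No file matching $Pattern in $DriverDir; nothing to delete."
        return
    }

    foreach ($file in $found) {
        # Capture what is about to be removed before touching it.
        $record = [pscustomobject]@{
            Path         = $file.FullName
            Length       = $file.Length
            LastWriteUtc = $file.LastWriteTimeUtc
            SHA256       = (Get-FileHash -LiteralPath $file.FullName -Algorithm SHA256).Hash
            Deleted      = $false
        }
        # ShouldProcess honours -WhatIf and -Confirm.
        if ($PSCmdlet.ShouldProcess($file.FullName, 'Delete')) {
            Remove-Item -LiteralPath $file.FullName -Force -ErrorAction Stop
            $record.Deleted = $true
        }
        $record   # emit one record per matching file
    }
}

# Preview what would be deleted; rerun without -WhatIf to delete.
Remove-FalconWorkaroundFile -WhatIf
```

After the file is removed, reboot the host normally as in the last step.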
In an update on Twitter, CrowdStrike CEO George Kurtz stated that the issue affecting Windows hosts has been identified and isolated, and that a fix has been deployed. He emphasized that this is not a security incident or cyberattack, and that Mac and Linux hosts are not impacted. He said that the company is actively working with those affected and urged them to use official channels for communication and updates.
The Blue Screen of Death, often called BSOD, is a stop error screen displayed on Windows computers following a critical system error. This error indicates a fatal system failure, in which the operating system can no longer function safely.
While the workaround offers a potential resolution, and CrowdStrike has deployed a fix, the timing of this outage exacerbates the situation.
Many IT administrators may not be immediately available to implement these steps, mainly due to the global nature of the issue and differing time zones. Companies that rely on outsourced IT support or have limited in-house IT resources may experience significant delays in applying the fix and the workaround.
CrowdStrike has published an official blog post with updates and helpful information for companies affected by the bug.