Crowdstrike Falcon is software designed to protect businesses from threats, but a new update has caused many systems running their sensors to be met with the infamous blue screen of death.
Large companies often deploy strict security measures to protect their machines, so use software (think of it as a more advanced Anti-Virus) to keep them safe. Businesses across the globe deploy a solution, named Crowdstrike Falcon. It offers protection against almost anything that could harm a computer.
However, Crowdstrike Agents are suffering from an issue that has caused systems running it to be met with the Windows Blue Screen of Death, and rebooting repeatedly.
Crowdstrike has acknowledged the issue in an update to customers. A transcript posted on Hacker News states: “CrowdStrike is aware of reports of crashes on Windows hosts related to the Falcon Sensor.” the portal continues to detail the problem: “Symptoms include hosts experiencing a bugcheck\blue screen error related to the Falcon Sensor.”
In a post on X, CrowdStrike CEO and President George Kurtz said the issue is not a “security incident or cyberattack”. “The issue has been identified, isolated and a fix has been deployed,” he added while referring affected customers to the support portal for the latest updates.
Microsoft told The Verge’s Tom Warren that it’s “aware of an issue affecting Windows devices due to an update from a third-party software platform. We anticipate a resolution is forthcoming.”
Microsoft CEO Satya Nadella issued a statement about the incident on Twitter/X as well.
He said: “Yesterday, CrowdStrike released an update that began impacting IT systems globally. We are aware of this issue and are working closely with CrowdStrike and across the industry to provide customers technical guidance and support to safely bring their systems back online.”
So there appears to be hope for a solution deployed remotely, thereby fixing the issue, which has already had catastrophic effects globally. Airline Ryanair stated it is suffering from a “3rd party IT issue”, while British broadcaster Sky News has been taken offline.
The reaction to the issue on social media offers insight into just how widespread those affected are, with reports of Airports being taken offline, and also affecting game developers, as Smash Bros. director Masahiro Sakurai also expressed shock at the issue on X/Twitter.
A United Airlines flight has also been canceled due to technical problems, with issues also extending to Delta Airlines in Atlanta. Emergency services have also taken a hit due to the problem, according to users on social media.
The 911 services in the US have been disrupted by the issue. Services at the London Stock Exchange were also disrupted. The LSEG outage meant that company updates were not being published to markets through its Regulatory News Service, according to Reuters.
In Singapore, Changi Airport, which is one of the world’s busiest airports, said it has been manually checking in the passengers of some airlines. Local media reports report long queues at Changi Airport’s check-in counters.
Both Melbourne and Sydney airports are experiencing the outage, affecting check-in and potentially other terminal services. Flights are still arriving and departing, but delays are likely. Delays are also reported at Edinburgh Airport in the UK and Berlin Airport in Germany.
Subscribe to our newsletter for the latest updates on Esports, Gaming and more.
Frontier Airlines is experiencing significant disruptions due to the Microsoft technical outage and has issued a ground-stop order, meaning flights are temporarily halted.
Hospitals and other medical services are also being affected. One nurse from Texas highlighted that it has become difficult to take care of patients in the emergency room due to the issue. Workers in different hospitals across the UK told BBC that doctors in GP surgeries and hospitals are handwriting prescriptions.
The New Zealand Herald reports issues with debit and credit cards, including those from ASB, ANZ, and Kiwibank. ANZ FastPay Tap and Visa payWave are also reported to be down.
In a social media post, Akshay Kothari, Notion co-founder, posted that Indian airlines are now giving out boarding passes by hand.
Downdetector reports that massive global services, including Microsoft 365, and more have all been affected, seemingly by the Crowdstrike BSOD issues.
System administrators react to Crowdstrike Falcon error
Over on Hacker News, users shared their thoughts: “…an application shouldn’t be able to do this kind of damage to an operating system,” states one person.
“Husband is a deputy in California. His department and many others here are down as well (including PDs, jails, ambulance companies, etc.)” says another.
The scale of the issue is currently difficult to conceive, with the /r/crowdstrike subreddit also active with chatter about exactly who or what has been affected.
Speculation is rife with exactly which version of Crowdstrike is to blame. “Is anyone aware if it’s a particular version? we’re 7.15.18513.0. Rolled out 2 days ago. EDIT: this is the version that’s BSOD’ing for us.”
Another user comments: “Truly a sh*t show. One wrong push into production and my entire company of 80k workers comes to a halt, can’t work.”
Crowdstrike advises on interim fix
In a Reddit comment, a Crowdstrike moderator said the company identified a content deployment related to this issue and has reverted those changes. Crowdstrike has also issued an interim fix, with the steps provided below.
- Boot Windows into Safe Mode or the Windows Recovery Environment
- Navigate to the C:\Windows\System32\drivers\CrowdStrike directory
- Locate the file matching “C-00000291*.sys”, and delete it.
- Boot the host normally.
This is a developing story.