CrowdStrike Falcon is software that protects businesses against threats, but an alleged recent update has compromised numerous devices that employ it worldwide, reportedly causing them to display the blue screen of death (BSOD).
Most of the largest and most prominent corporations globally typically adopt strict security procedures to protect their devices. Hence, they utilise software solutions, such as CrowdStrike Falcon, that can prevent cybersecurity issues.
However, a report earlier today revealed that CrowdStrike Agents are experiencing a problem that has resulted in PCs running it displaying the Windows Blue Screen of Death and continuously rebooting.
CrowdStrike confirmed in its latest announcement for customers that it is aware of the current issue.
CrowdStrike claimed in an announcement that it is aware of the numerous reports of crashes on Windows hosts related to its Falcon Sensor. However, it assured everyone that it had already deployed a team that would resolve the issue.
Microsoft revealed that the issue affecting Windows devices was caused by an update from a third-party software platform, and they claim that a resolution for the matter will come immediately.
Therefore, the vendor could generate a remotely deployed solution that would solve the problem, which has already compromised various devices worldwide.
The reaction to the issue on various social media platforms shows how devastating the incident is to different organisations and how widespread the impact is. Some of the industries confirmed to be suffering from this issue are airlines, game developers, and law enforcement agencies.
CrowdStrike disclosed workaround steps to address the problem.
A CrowdStrike moderator said on the social media platform Reddit that the company identified a content deployment related to this issue and has reverted those changes. These changes allowed CrowdStrike to issue an interim fix:
- Boot Windows into Safe Mode or the Windows Recovery Environment
- Navigate to the C:\Windows\System32\drivers\CrowdStrike directory
- Locate the file matching “C-00000291*.sys”, and delete it.
- Boot the host normally.
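The file-removal steps above can be scripted so that each deletion leaves a record. The following is an added example, not CrowdStrike's own tooling. It assumes an elevated PowerShell session on a host already booted into Safe Mode, and the parameter names and the `-Delete` switch are hypothetical.

```powershell
# Added example: applies the interim fix described above.
# Assumption: run from an elevated PowerShell prompt in Safe Mode.
# Without -Delete the script only lists what it would remove (dry run).
param(
    # Directory and file pattern are the ones given in the workaround steps.
    [string]$DriverDir = 'C:\Windows\System32\drivers\CrowdStrike',
    [string]$Pattern   = 'C-00000291*.sys',
    [switch]$Delete
)

$ErrorActionPreference = 'Stop'

# Stop early if the sensor directory is absent (wrong drive letter or no sensor).
if (-not (Test-Path -LiteralPath $DriverDir -PathType Container)) {
    Write-Warning "Directory not found: $DriverDir"
    exit 2
}

# -Force includes hidden/system files; -File excludes sub-directories.
$files = @(Get-ChildItem -LiteralPath $DriverDir -Filter $Pattern -File -Force)
if ($files.Count -eq 0) {
    Write-Output "No file matching $Pattern in $DriverDir; nothing to do."
    exit 0
}

foreach ($f in $files) {
    # Record name, timestamp, size and hash before removal for the incident record.
    $hash = (Get-FileHash -LiteralPath $f.FullName -Algorithm SHA256).Hash
    Write-Output ("{0}  {1:u}  {2} bytes  SHA256={3}" -f `
        $f.Name, $f.LastWriteTimeUtc, $f.Length, $hash)

    if ($Delete) {
        Remove-Item -LiteralPath $f.FullName -Force
        Write-Output "Deleted $($f.FullName)"
    }
}

if (-not $Delete) {
    Write-Output 'Dry run only. Re-run with -Delete to remove the files listed above.'
}
```

Run it once without `-Delete` to confirm that only the expected file matches, then again with `-Delete`, and boot the host normally afterwards.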
The current situation is a developing story. Organisations and users that experience such events should adopt the provided temporary fix to avoid unwanted disruptions.