A software update brings millions of Windows servers to their knees and the effects are felt worldwide

0
67

Central infrastructure around the globe reports various outages

Apparently due to a faulty update from the cybersecurity company “CrowdStrike”, there have been mass outages of Windows PCs.

Countless companies and authorities were paralyzed by a BSOD (blue screen of death) after the update. An initial workaround has already been published

This is why it is important:CrowdStrike is one of the most popular security solutions for Windows servers and is used worldwide.

The outage caused by the update had far-reaching consequences. In Germany, for example, Berlin Airport (BER) was paralyzed. Globally, media and telecommunications companies were also affected.

In detail:The first reports of problems with the CrowdStrike service appear to have surfaced on the social media platform Reddit.

  • On the associated subreddit, one user asked whether “someone was also affected by a BSOD outage”.
  • Only a short time later, CrowdStrike confirmed the error and stated that they were currently investigating the cause.
  • The thread already had around 4,400 comments at 10:30 a.m., now there are already over 7,000.

Comment
byu/TipOFMYTONGUEDAMN from discussion
incrowdstrike

Global effects:The Berlin airport mentioned above had to “temporarily suspend” air traffic shortly after 8 a.m., and no flights are to leave here before 2 p.m., as reported byRBB

The University Medical Center Schleswig-Holstein (UKSH) had to cancel the first planned operations. “The care of patients at the UKSH is secured, as is emergency care”, as theÄrzteblattexplains.

All over the world, other airlines and airports reported IT failures. In India, for example, this meant that the boarding pass had to be issued by hand:

In Australia, however, payment transactions are also affected by the problem in addition to airports, asReutersreports.

Temporary fix:In the meantime, at least a temporary solution has been found. Those affected should take the following steps:

  • Start Windows in safe mode or the recovery environment
  • Navigate to the directory C:WindowsSystem32driversCrowdStrike
  • Find the file with the prefix “C-00000291*”.sys and delete it
  • Restart host

This solution is now also recommended by the company itself as an official workaround

This is what CrowdStrike says:The same can also be found on thewebsite of CrowdStrikewhere the company provides further statements on the incident. However, these can only be viewed after prior registration.

  • According to this, a recent update was indeed responsible for the outages. These changes have since been reversed.
  • If the update has already been installed, only the above workaround is available at the moment.

In the worst-case scenario, IT admins will have to implement this solution for each individual server as things stand