Central infrastructure around the globe reports various outages
Apparently due to a faulty update from the cybersecurity company “CrowdStrike”, there have been mass outages of Windows PCs.
Countless companies and authorities were paralyzed by a BSOD (blue screen of death) after the update. An initial workaround has already been published.
This is why it is important: CrowdStrike is one of the most popular security solutions for Windows servers and is used worldwide.
The outage caused by the update had far-reaching consequences. In Germany, for example, Berlin Airport (BER) was paralyzed. Globally, media and telecommunications companies were also affected.
In detail: The first reports of problems with the CrowdStrike service appear to have surfaced on the social media platform Reddit.
- On the associated subreddit, one user asked whether “someone was also affected by a BSOD outage”.
- Only a short time later, CrowdStrike confirmed the error and stated that they were currently investigating the cause.
- The thread already had around 4,400 comments at 10:30 a.m.; now there are over 7,000.
Global effects: The Berlin airport mentioned above had to “temporarily suspend” air traffic shortly after 8 a.m., and no flights are to leave here before 2 p.m., as reported by RBB.
The University Medical Center Schleswig-Holstein (UKSH) had to cancel the first planned operations. “The care of patients at the UKSH is secured, as is emergency care”, as the Ärzteblatt explains.
All over the world, other airlines and airports reported IT failures. In India, for example, this meant that the boarding pass had to be issued by hand:
The Microsoft / CrowdStrike outage has taken down most airports in India. I got my first hand-written boarding pass today pic.twitter.com/xsdnq1Pgjr
– Akshay Kothari (@akothari) July 19, 2024
In Australia, however, payment transactions are also affected by the problem in addition to airports, as Reuters reports.
Temporary fix: In the meantime, at least a temporary solution has been found. Those affected should take the following steps:
- Start Windows in safe mode or the recovery environment
- Navigate to the directory C:\Windows\System32\drivers\CrowdStrike
- Find the file matching “C-00000291*.sys” and delete it
- Restart the host
This solution is now also recommended by the company itself as an official workaround.
CrowdStrike announces a fix for the Windows blue screen
1. Boot into safe mode or the Windows Recovery Environment
2. Navigate to C:\Windows\System32\drivers\CrowdStrike
3. Delete the files matching C-00000291*.sys (Note: the asterisk means it matches any characters, such as 00000291abc.sys or 00000291999.sys)
4. Boot pic.twitter.com/FqhRb5nncW
– ロアネア@最多情報源バズニュース (@roaneatan) July 19, 2024
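The workaround steps above, scripted for a host that has already been booted into Safe Mode (an added example, not code from CrowdStrike or from this article). It records each matching file's size, timestamp and SHA-256 before deleting it and supports `-WhatIf`; the `$LogPath` location and the `$WindowsRoot` default are assumptions.

```powershell
<#
  Added example. Run from an elevated PowerShell prompt in Safe Mode.
  Use -WhatIf to list what would be removed without deleting anything.
#>
[CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'High')]
param(
    # Assumption: Windows is installed where %SystemRoot% points.
    [string]$WindowsRoot = $env:SystemRoot,
    # Hypothetical location for the record of removed files.
    [string]$LogPath = (Join-Path $env:SystemDrive 'crowdstrike-workaround-removed.csv')
)

$driverDir = Join-Path $WindowsRoot 'System32\drivers\CrowdStrike'
$pattern   = 'C-00000291*.sys'   # file pattern named in the workaround

if (-not (Test-Path -LiteralPath $driverDir -PathType Container)) {
    Write-Warning "Directory not found: $driverDir"
    return
}

# Only files matching the pattern are touched; everything else stays in place.
$targets = @(Get-ChildItem -LiteralPath $driverDir -Filter $pattern -File -Force)
if ($targets.Count -eq 0) {
    Write-Output "No files matching $pattern in $driverDir; nothing to do."
    return
}

foreach ($file in $targets) {
    # Capture size, timestamp and hash first so the removal is auditable later.
    $record = [pscustomobject]@{
        Computer     = $env:COMPUTERNAME
        Path         = $file.FullName
        Length       = $file.Length
        LastWriteUtc = $file.LastWriteTimeUtc.ToString('o')
        SHA256       = (Get-FileHash -LiteralPath $file.FullName -Algorithm SHA256).Hash
        RemovedUtc   = (Get-Date).ToUniversalTime().ToString('o')
    }
    if ($PSCmdlet.ShouldProcess($file.FullName, 'Delete file')) {
        Remove-Item -LiteralPath $file.FullName -Force -ErrorAction Stop
        $record | Export-Csv -LiteralPath $LogPath -Append -NoTypeInformation
        Write-Output "Removed $($file.FullName)"
    }
}
Write-Output 'Finished. Restart the host to complete the workaround.'
```

In the recovery environment the Windows volume may be mounted under a different drive letter, so pass `-WindowsRoot` explicitly if the script is run against an offline installation.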
This is what CrowdStrike says: The same can also be found on the website of CrowdStrike, where the company provides further statements on the incident. However, these can only be viewed after prior registration.
- According to this, a recent update was indeed responsible for the outages. These changes have since been reversed.
- If the update has already been installed, only the above workaround is available at the moment.
In the worst-case scenario, IT admins will have to implement this solution for each individual server as things stand.