CrowdStrike Update Causes Widespread Windows Crashes

A recent update to CrowdStrike’s Falcon Sensor software has caused a global wave of Windows 10 crashes, leaving numerous PCs displaying the dreaded Blue Screen of Death (BSOD) and unable to reboot. This issue has sparked significant concern and frustration among users and IT administrators worldwide.

The problem was first reported by users experiencing widespread BSOD errors. “We’re seeing BSOD org-wide that are being caused by csagent.sys, and it’s taking down critical services. I’ll open a ticket, but this is a big deal,” one user noted on an online forum, highlighting the severe impact of the issue.

CrowdStrike has acknowledged the problem, issuing an advisory titled “Tech-Alert-Windows-crashes-related-to-Falcon-Sensor-2024-07-19.” However, this advisory is accessible only behind a registration wall, restricting it to customers. An apparent screenshot of the advisory reveals, “CrowdStrike is aware of reports of crashes on Windows hosts related to the Falcon Sensor. Symptoms include hosts experiencing a bugcheck/blue screen error related to the Falcon Sensor.”

Engineers at CrowdStrike are reportedly working diligently to resolve the issue. The Falcon Sensor, which is designed to block attacks on systems while capturing and recording activity in real-time to detect threats swiftly, appears to be at the center of the problem. Ironically, the sensor intended to protect systems is now the source of the threat.

This incident is a significant blow to CrowdStrike, one of the world’s largest cybersecurity vendors. Headquartered in Austin, Texas, the company employs nearly 10,000 people and provides software to thousands of businesses globally to defend against viruses and cyberattacks. The CrowdStrike Falcon software, which operates in the background on many corporate systems, is now causing major disruptions.

The outage began around midday AEST on Friday, initially affecting users in the US before spreading to Australia and other regions. Microsoft Windows systems have been primarily impacted, with users experiencing the infamous Blue Screen of Death. A representative from CrowdStrike confirmed in a forum post, “We’re aware of a widespread issue causing BSOD errors on Windows machines across various sensor versions.”

While Microsoft is not the source of the problem, its systems are significantly impacted due to the prevalence of CrowdStrike Falcon software on Windows platforms. Microsoft has stated on X (formerly Twitter) that it is investigating the incident.

The Blue Screen of Death (BSOD) is a critical error screen in Windows operating systems, indicating a severe issue that forces the system to crash to prevent further damage. When this error occurs, the computer restarts unexpectedly, often resulting in the loss of unsaved data.

In this case, affected systems display the message, “Your PC ran into a problem and needs to restart. We are just collecting some error info, and then we will restart for you.”

Users affected by the BSOD issue are advised to seek support from CrowdStrike and follow any official guidance provided to mitigate the impact on their systems.

For systems that have already been impacted by the problem, the mitigation steps are:

• Boot Windows in Safe Mode or Windows Recovery Environment
• Navigate to the C:\Windows\System32\drivers\CrowdStrike directory
• Find the file named “C-00000291*.sys” and delete it
• Restart the computer or server normally
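
The steps above as a PowerShell function for an elevated prompt in Safe Mode. This is an added example, not code from CrowdStrike or from the original article; the function name, its parameters and the log path are assumptions, and only the directory and file pattern come from the steps above.

```powershell
# Added example: run from an elevated PowerShell prompt in Safe Mode.
# The directory and file pattern come from the mitigation steps; the function
# name, parameters and log path are assumptions made for this example.
function Remove-FalconFile291 {
    [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'High')]
    param(
        [string]$WindowsRoot = $env:SystemRoot,  # Windows directory of the affected install
        [string]$LogPath = (Join-Path $env:SystemDrive 'falcon-291-removal.csv')
    )
    $dir = Join-Path $WindowsRoot 'System32\drivers\CrowdStrike'
    if (-not (Test-Path -LiteralPath $dir -PathType Container)) {
        Write-Warning "Not found: $dir (is the Falcon Sensor installed under $WindowsRoot?)"
        return
    }
    # Only files matching the pattern from the mitigation steps are touched.
    $targets = @(Get-ChildItem -LiteralPath $dir -Filter 'C-00000291*.sys' -File -Force)
    if ($targets.Count -eq 0) {
        Write-Output "No C-00000291*.sys files in $dir; nothing to do."
        return
    }
    foreach ($file in $targets) {
        # Record size, timestamp and hash before deleting, for the incident record.
        $record = [pscustomobject]@{
            Host         = $env:COMPUTERNAME
            Path         = $file.FullName
            Length       = $file.Length
            LastWriteUtc = $file.LastWriteTimeUtc.ToString('o')
            Sha256       = (Get-FileHash -LiteralPath $file.FullName -Algorithm SHA256).Hash
            RemovedUtc   = $null
        }
        if ($PSCmdlet.ShouldProcess($file.FullName, 'Delete file')) {
            Remove-Item -LiteralPath $file.FullName -Force -ErrorAction Stop
            $record.RemovedUtc = (Get-Date).ToUniversalTime().ToString('o')
        }
        # RemovedUtc stays empty if the deletion was declined; under -WhatIf nothing is logged.
        $record | Export-Csv -LiteralPath $LogPath -NoTypeInformation -Append
        $record
    }
}

# Preview what would be deleted, then run for real and restart normally.
Remove-FalconFile291 -WhatIf
# Remove-FalconFile291 -Confirm:$false
# Restart-Computer
```

The CSV gives administrators a per-host record of which files were removed and when, which helps when reconciling remediation across many machines.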
