CrowdStrike Update Causes Windows Blue Screen of Death (BSOD)

How Can Boost Computers Help?
In recent developments, a significant number of Windows users, including various Australian businesses and websites, have been encountering critical system crashes attributed to a CrowdStrike update. This issue has manifested in the infamous “Blue Screen of Death” (BSOD), resulting in widespread disruptions across multiple sectors.
Understanding the Issue
The problem appears to stem from a recent update to CrowdStrike’s Falcon Sensor platform, a vital component in safeguarding systems against cyber threats. This update inadvertently triggered compatibility issues with certain Windows configurations, leading to frequent BSOD occurrences and subsequent system reboots. Affected organizations, including prominent names like ABC, major banks, and telecommunications providers, have reported operational disruptions due to this issue.
CrowdStrike’s Response
CrowdStrike swiftly acknowledged the problem and has been actively working on a resolution. As of the latest update, they have identified the root cause related to content deployment and have rolled back the problematic changes. For users experiencing persistent crashes, CrowdStrike has provided a workaround that involves removing specific driver files associated with the Falcon Sensor. Here are the steps:
- Boot into Safe Mode or Windows Recovery Environment:
  - This ensures a stable environment to perform troubleshooting steps.
- Navigate to the C:\Windows\System32\drivers\CrowdStrike directory:
  - Locate the directory where CrowdStrike drivers are stored on your system.
- Identify and Delete Problematic Driver File:
  - Look for a file matching the pattern “C-00000291*.sys”.
  - Rename this file to mitigate the BSOD issue.
- Reboot the System:
  - Once the file is deleted, restart your computer normally.
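The steps above as a PowerShell script, run from an elevated prompt in Safe Mode. This is an added example, not CrowdStrike's or Boost Computers' own script: because the steps mention both deleting and renaming, it deletes by default and renames with a hypothetical `-Rename` switch, and the log path and `.bak` suffix are assumptions.

```powershell
#Requires -RunAsAdministrator
# Added example, not an official CrowdStrike script. Assumes Safe Mode with PowerShell.
[CmdletBinding(SupportsShouldProcess = $true)]
param(
    # Directory and file pattern are the ones given in the steps above.
    [string]$DriverDir = 'C:\Windows\System32\drivers\CrowdStrike',
    [string]$Pattern   = 'C-00000291*.sys',
    # Hypothetical switch: rename (append .bak) instead of deleting.
    [switch]$Rename,
    # Hypothetical location for the change record.
    [string]$LogPath   = "$env:SystemDrive\cs-291-remediation.csv"
)

if (-not (Test-Path -LiteralPath $DriverDir -PathType Container)) {
    Write-Error "Directory not found: $DriverDir"
    exit 1
}

$files = @(Get-ChildItem -LiteralPath $DriverDir -Filter $Pattern -File -Force)
if ($files.Count -eq 0) {
    Write-Output "No files matching $Pattern in $DriverDir; nothing to do."
    exit 0
}

foreach ($f in $files) {
    # Record what is about to change so the action can be audited later.
    $record = [pscustomobject]@{
        Host         = $env:COMPUTERNAME
        Path         = $f.FullName
        Length       = $f.Length
        LastWriteUtc = $f.LastWriteTimeUtc.ToString('o')
        Sha256       = (Get-FileHash -LiteralPath $f.FullName -Algorithm SHA256).Hash
        Action       = if ($Rename) { 'renamed' } else { 'deleted' }
    }
    # Honors -WhatIf / -Confirm: nothing is changed or logged on a dry run.
    if ($PSCmdlet.ShouldProcess($f.FullName, $record.Action)) {
        if ($Rename) {
            Rename-Item -LiteralPath $f.FullName -NewName ($f.Name + '.bak') -ErrorAction Stop
        } else {
            Remove-Item -LiteralPath $f.FullName -Force -ErrorAction Stop
        }
        $record | Export-Csv -LiteralPath $LogPath -Append -NoTypeInformation
    }
}
Write-Output "Processed $($files.Count) file(s). Reboot normally to finish."
```

Running it with `-WhatIf` first lists the files that would be touched without changing anything.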
Clarification from Authorities
It’s important to note that the National Cyber Security Coordinator has confirmed this incident is not a cyber attack but rather a technical issue stemming from third-party software. This clarification aims to assure users that there are no indications of malicious intent associated with the disruptions.
Continued Monitoring and Support
Cybersecurity firms like Tesserent are also actively involved in resolving the issue for their clients. They are currently testing rollback solutions and will provide updates as soon as a definitive resolution is identified.
For ongoing updates and detailed instructions, users are encouraged to monitor CrowdStrike’s official support channels and cybersecurity advisories. As the situation evolves, prompt implementation of recommended fixes will help mitigate the impact of these disruptions on affected systems.
In conclusion, while incidents like these underscore the complexities of maintaining IT infrastructures, proactive responses from cybersecurity providers and collaborative efforts across sectors are essential in swiftly resolving such technical challenges.
Stay informed, stay secure…
For assistance with this issue, please contact us today!