CrowdStrike caused Windows outage chaos for airports, banks, and more. Here’s what happened

Windows BSOD outage

Alyson Windsor/ZDNET

In what looks to have been the biggest IT outage to date, a massive cybersecurity software issue caused chaos across the globe last week.

Airports, banks, stock exchanges, 911 services, transit systems, hotels, news outlets, hospitals, emergency services, and more began seeing the infamous blue screen of death (BSOD) after cybersecurity firm CrowdStrike issued a software update last Thursday, and many affected companies weren’t able to recover until the days that followed.

What is CrowdStrike, and how did it cause the global tech outage?

CrowdStrike provides cloud workload protection and endpoint security, threat intelligence, and cyberattack response services to clients that include Amazon Web Services, Microsoft, eBay, Visa, AT&T, and 82% of US state governments. Even if your organization doesn’t use CrowdStrike, this should be a wake-up call, as even the best security is no match for a faulty software update.

If you want an in-depth breakdown of what went wrong, ZDNET’s Ed Bott explains it here. If you want the short version, CrowdStrike CEO George Kurtz’s LinkedIn post said the outage was due to a single Windows update, meaning it only affected Windows systems. Mac and Linux customers were just fine. Kurtz also added that the issue wasn’t the result of a cyberattack or a hack, and that CrowdStrike had identified and isolated the issue and deployed a fix.

Which companies are affected by the CrowdStrike software glitch?

When systems went down, people felt the impacts right away. Airports across the world developed snarling lines as the glitch grounded flights. In the US, Delta, American, United, Spirit, Frontier, and Allegiant were all affected by the outage, and while all were operational again within 24 hours, the effects of hundreds of canceled flights lasted into the next week.

Several hospitals, including one of the largest in Boston, canceled non-urgent procedures.

In Europe, several media outlets couldn’t broadcast, airlines shut down, hospitals couldn’t access records, transit systems saw delays, and the London Stock Exchange opened late. In Africa, customers of two major banks were not able to make payments with their cards at grocery stores and gas stations or use ATMs.


Mike Walters, the president and co-founder of Action1, a vendor of patch management software, suggested this type of problem happens due to inadequate testing scenarios and that deploying the update in phases could have mitigated the issue’s reach.

How to fix my Windows Blue Screen of Death

If you have CrowdStrike on your computer, and it’s suffering from a BSOD, perhaps the easiest fix is to use Microsoft’s official tool, which automatically creates the necessary boot drive. Additionally, several system admins on a Reddit thread shared a potential fix. You’ll need to boot Windows into Safe Mode or the Windows Recovery Environment and delete a file. If you know how to get into Safe Mode quickly on your computer, skip the first nine steps, which are from Microsoft, and go straight to the last two, which are from CrowdStrike.

  1. Hold down the power button for 10 seconds to completely turn off your device.
  2. Press the power button again to turn your device back on.
  3. On the first sign that Windows has started, usually the manufacturer’s logo, hold down the power button for 10 seconds to turn off your device.
  4. Press the power button again to turn on your device.
  5. When Windows restarts, hold down the power button for 10 seconds to turn off your device.
  6. Press the power button again to turn on your device.
  7. Allow your device to restart into Automatic Repair, and select Advanced options to enter Windows Recovery Environment.
  8. Once there, select Troubleshoot > Advanced options > Startup Settings > Restart.
  9. After your device restarts, you’ll see a list of options. Select option 5 from the list, or press F5 for Safe Mode with Networking.
  10. Navigate to the C:\Windows\System32\drivers\CrowdStrike directory.
  11. Delete the “C-0000029*.sys” file and restart your computer.

Your computer should now boot normally.
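For admins repeating steps 10 and 11 on several machines, the same two steps can be scripted. This is an added example, not code from CrowdStrike, Microsoft, or the Reddit thread; the function name and its parameters are made up here, and it assumes an elevated PowerShell prompt in Safe Mode with Windows installed on C:.

```powershell
# Added example: steps 10 and 11 as a script. Function and parameter names
# are hypothetical; path and file pattern are the ones given in the steps.
function Remove-FaultyCrowdStrikeFile {
    [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'High')]
    param(
        # Directory from step 10.
        [string]$DriverDir = 'C:\Windows\System32\drivers\CrowdStrike',
        # File pattern from step 11.
        [string]$Pattern = 'C-0000029*.sys'
    )

    if (-not (Test-Path -LiteralPath $DriverDir -PathType Container)) {
        Write-Warning "Directory not found: $DriverDir"
        return
    }

    # List the matches first so the operator sees exactly what will be deleted.
    $targets = @(Get-ChildItem -LiteralPath $DriverDir -Filter $Pattern -File -Force)
    if ($targets.Count -eq 0) {
        Write-Host "No files matching $Pattern in $DriverDir; nothing to delete."
        return
    }
    $targets | Format-Table Name, Length, LastWriteTimeUtc -AutoSize | Out-String | Write-Host

    foreach ($file in $targets) {
        # Honors -WhatIf and prompts for confirmation before each delete.
        if ($PSCmdlet.ShouldProcess($file.FullName, 'Delete')) {
            Remove-Item -LiteralPath $file.FullName -Force
        }
    }
    if ($WhatIfPreference) { return }   # dry run: nothing was deleted

    # Check that nothing matching the pattern is left before restarting.
    $left = @(Get-ChildItem -LiteralPath $DriverDir -Filter $Pattern -File -Force)
    if ($left.Count -gt 0) {
        Write-Warning "$($left.Count) matching file(s) remain; do not restart yet."
    } else {
        Write-Host 'Matching files removed. Restart the computer.'
    }
}

# Dry run: shows what would be deleted without touching anything.
Remove-FaultyCrowdStrikeFile -WhatIf
# Then run it for real:
# Remove-FaultyCrowdStrikeFile
```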
