New Delhi, July 19
After various businesses across the world reported IT outages on Friday, which included seeing the "Windows blue screen of death', CrowdStrike the security firm linked to a software update that caused the outage says that the issue has been isolated and a fix deployed.
George Kurtz, President and CEO of CrowdStrike said the cybersecurity company was working with customers on the issues faced by them while giving a reassurance that the issue was "not a security incident or cyberattack."
"CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted. This is not a security incident or cyberattack. The issue has been identified, and isolated and a fix has been deployed. We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website. We further recommend organizations ensure they're communicating with CrowdStrike representatives through official channels. Our team is fully mobilized to ensure the security and stability of CrowdStrike customers," Kurtz said.
CrowdStrike told customers early Friday that it was "aware of reports of crashes" of its software on the Microsoft Windows operating systems, according to a company advisory as reported by CNN.
The US media outlet said that CrowdStrike is perhaps best known for investigating the Russian hack of Democratic National Committee computers during the 2016 US election.
In an update, Microsoft said "Our services are still seeing continuous improvements while we continue to take mitigation actions. Multiple services are continuing to see improvements in availability as our mitigation actions progress. More details can be found within the admin centre."
Meanwhile, the Indian Computer Emergency Response Team (CERT-In) has issued an advisory, CIAD-2024-0035, addressing the severe outage impacting Microsoft Windows systems.
According to CERT, this disruption is linked to the recent update of the CrowdStrike agent, Falcon Sensor. CERT said that to mitigate these issues, the CrowdStrike team has reverted the changes made in the recent update. However, if hosts are still experiencing crashes and are unable to stay online to receive the necessary Channel File Changes, CERT-In recommends certain steps.
1. First, boot Windows into Safe Mode or the Windows Recovery Environment.
2. Next, navigate to the directory C:WindowsSystem32driversCrowdStrike and locate the file matching the pattern "C-00000291*.sys".
3. Once identified, delete the file. Finally, reboot the host normally.
Users are also advised to check for the latest updates and further instructions on the CrowdStrike support portal: CrowdStrike Support Portal.
On Friday the outage affected companies across various sectors, from airlines, banks, food chains and brokerage houses, to news organizations, and railway networks. The travel industry was greatly affected causing significant delays in flights across the world.