CrowdStrike update causes global outage of Microsoft services
CrowdStrike, the endpoint security software, caused a major global outage of Microsoft services, including Windows and Office 365, after an update on Friday. The alleged issue brought a “blue screen of death” (BSOD) to Windows devices around the world, preventing users from accessing their devices. The issue is also said to have disrupted services at IT companies, airports, banks and other industries.
CrowdStrike Error: What Happened?
The issue appears to have arisen following a CrowdStrike update that resulted in a ‘Blue Screen of Dealth’ on Windows devices. The error message reads: ‘Your device has encountered a problem and needs to restart’. However, restarting does not appear to resolve the issue as the device gets stuck in a boot loop.
Microsoft displays the error with the STOP code “PAGE_FAULT-IN-NONPAGED_AREA”. According to the error log, the error is caused by a malfunction in a CrowdStrike agent system file.
CrowdStrike Flaw: Its Impact
Software Status Monitoring Website Downdetector suggests The outage has affected several Microsoft services, including the Microsoft Store and Microsoft 365. The platform also reports that 911 emergency services in several US states have also been affected. According to claims on social media, the CrowdStrike update bug appears to have led to the disruption of services at institutions such as banks, airports, and IT companies.
Berlin Air suspended all flights, attributing it to a “technical problem”, a spokesman told AFP. All check-in and flight services were cancelled until 10:00 local time (13:30 IST). In addition, several US airlines, including Delta, United and American Airlines, grounded their flights, with the Federal Aviation Administration (FAA) citing a communications problem.
India’s IndiGo Airlines issued a statement informing about the impact on its services, resulting in long check-in queues and ticket booking errors. The company attributed the issue to Microsoft Azure and said its digital experts are working on a fix. A similar statement was also issued by Akasa Air and Indian Airlines.
It was also reported that media outlets were experiencing issues due to the global outage of Microsoft services, with Australia’s Sky News among those affected. In addition, the London Stock Exchange (LSE), run by the LSE Group, also said it was experiencing an issue that prevented its RNS news service from publishing to the LSE website.
As many as three Gadgets 360 employees were affected by the problem.
CrowdStrike Error: Response
CrowdStrike and Microsoft have both released statements following the outage. Microsoft said that several “mitigation measures” were in place, while also focusing on redirecting affected traffic to “healthy systems.” According to a Reuters report, Microsoft acknowledged that the issue started at 6:00 p.m. ET (3:30 a.m. IST), with customers in the Central US region experiencing issues accessing Azure services.
In a statement hidden behind a registration wall, CrowdStrike acknowledged the issue and said it was “aware of crash reports.” On the CrowdStrike website subredditThe moderator also posted a temporary fix for those who are still experiencing it. To resolve it, he advised users to:
- Boot the Windows device into safe mode or open the Windows Recovery Environment
- Then navigate to the folder C:\Windows\System32\drivers\CrowdStrike
- Find a file in the system directory corresponding to “C-00000291*.sys” and delete it
- Boot the host normally
In a later response, the Texas-based cybersecurity firm said that the issue, related to a “Falcon Sensor” on Windows after a content deployment, has been patched and the changes have been rolled back by its engineering teams.