On July 19, 2024, many organizations experienced significant disruptions due to a critical issue with CrowdStrike’s Falcon Sensor. This incident resulted in Blue Screen of Death (BSOD) errors, causing a global IT outage that impacted businesses relying on CrowdStrike for endpoint security.
What Happened?
The issue was caused by a bug in an update to the CrowdStrike Falcon Sensor, which led to BSOD errors across multiple systems. This disruption caused significant downtime and operational inefficiencies. Falcon Sensor is an agent designed to block attacks on systems while capturing and recording real-time activity to detect threats quickly. Unfortunately, in this instance, the sensor itself caused system crashes due to the faulty update.
CrowdStrike quickly acknowledged the problem and worked on a fix to prevent further issues.
The Fix
CrowdStrike’s chief threat hunter, Brody Nisbet, provided a temporary workaround to address the issue:
- Boot Windows into Safe Mode or Windows Recovery Environment (WRE).
- Navigate to C:\Windows\System32\drivers\CrowdStrike.
- Locate and delete the file matching “C-00000291*.sys”.
- Boot the system normally.
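The delete step above as a PowerShell script for a machine already booted into Safe Mode, added here as an example and not CrowdStrike's or this article's own tooling. The directory and file pattern come from the steps; the parameter names and the CSV log location are assumptions, and the script records each file's size, timestamp and SHA-256 before removing it so there is a record of what was deleted.

```powershell
# Added example: remove the files named in the workaround and keep a record.
[CmdletBinding(SupportsShouldProcess = $true)]
param(
    # Directory from step 2; override if the Windows volume is not mounted as C:
    [string]$DriverDir = 'C:\Windows\System32\drivers\CrowdStrike',
    # File pattern from step 3
    [string]$Pattern = 'C-00000291*.sys',
    # Hypothetical log location (assumption, not from the article)
    [string]$LogPath = (Join-Path $env:TEMP 'cs-291-removal.csv')
)

if (-not (Test-Path -LiteralPath $DriverDir -PathType Container)) {
    Write-Error "Directory not found: $DriverDir"
    exit 1
}

# -Filter is applied by the file system provider; -File skips directories.
$targets = @(Get-ChildItem -LiteralPath $DriverDir -Filter $Pattern -File)
if ($targets.Count -eq 0) {
    Write-Output "No files matching $Pattern in $DriverDir; nothing to remove."
    exit 0
}

foreach ($file in $targets) {
    # Capture metadata before deletion so the removal can be audited later.
    $record = [pscustomobject]@{
        Host         = $env:COMPUTERNAME
        Path         = $file.FullName
        Length       = $file.Length
        LastWriteUtc = $file.LastWriteTimeUtc.ToString('o')
        Sha256       = (Get-FileHash -LiteralPath $file.FullName -Algorithm SHA256).Hash
        RemovedUtc   = $null
    }

    # With -WhatIf this branch is skipped and the file stays in place.
    if ($PSCmdlet.ShouldProcess($file.FullName, 'Delete')) {
        Remove-Item -LiteralPath $file.FullName -Force -ErrorAction Stop
        $record.RemovedUtc = (Get-Date).ToUniversalTime().ToString('o')
    }

    # Emit the record to the console; the CSV write is also suppressed by -WhatIf.
    $record
    $record | Export-Csv -LiteralPath $LogPath -Append -NoTypeInformation
}
```

Running it with -WhatIf first lists the matching files without deleting anything.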
For workarounds, see the live updates from CrowdStrike.
CrowdStrike engineers are actively working on a permanent solution. Organizations are advised to promptly apply any forthcoming patches to ensure the issue is resolved.
Ensuring Robust IT Needs Post-Incident
This incident highlights the importance of having a comprehensive IT strategy that includes rapid incident response capabilities. At Jolera, we offer a suite of IT solutions designed to ensure system stability and quick recovery from incidents like the CrowdStrike outage.
In light of recent events, it’s crucial for organizations to evaluate their current IT measures and ensure they have robust incident response plans in place. If your organization was affected by the CrowdStrike outage or you need assistance with your IT needs, contact us at [email protected], [email protected]. We will place priority on these requests to provide rapid assistance and help stabilize your systems against future issues.