Introduction
On July 19, 2024, a significant global IT outage occurred, impacting businesses, airlines, banks, and other services. The outage was traced back to an issue with CrowdStrike, a US-based cybersecurity firm. This article provides an overview of the issue and the steps taken to resolve it.
The Issue
CrowdStrike’s Falcon Sensor, software designed to protect computer systems from cyber attacks, had a defect in a recent update. This defect caused Windows hosts to crash, displaying the “blue screen of death” and leaving systems stuck at the “Recovery” screen. The issue was widespread, affecting various sectors globally.
The Solution
CrowdStrike identified the defect and deployed a fix. The solution involved booting Windows into Safe Mode or the Windows Recovery Environment, navigating to the CrowdStrike directory, locating the file matching ‘C-0000029*.sys’, and deleting it. After these steps, the host could be booted normally.
Here are the detailed steps to resolve the issue:
1. Boot Windows into Safe Mode or the Windows Recovery Environment.
2. Navigate to the C:\Windows\System32\drivers\CrowdStrike directory.
3. Locate the file matching ‘C-0000029*.sys’, and delete it.
4. Boot the host normally.
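Steps 2 and 3 can be scripted so that the matching files are listed and recorded before anything is deleted. The following is an added example, not CrowdStrike's code or part of the original article; the function name and parameters are hypothetical, the path and pattern are the ones given in the steps above, and it assumes an elevated PowerShell prompt in Safe Mode.

```powershell
# Added example: function name and parameters are hypothetical, not CrowdStrike tooling.
# Assumes an elevated PowerShell prompt in Safe Mode (steps 2 and 3 of the procedure).
function Remove-DefectiveCrowdStrikeFile {
    [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'High')]
    param(
        # Directory and file pattern exactly as given in the steps above.
        [string]$DriverDir = 'C:\Windows\System32\drivers\CrowdStrike',
        [string]$Pattern   = 'C-0000029*.sys'
    )

    if (-not (Test-Path -LiteralPath $DriverDir -PathType Container)) {
        Write-Warning "Directory not found: $DriverDir"
        return
    }

    # -File skips subdirectories; @() keeps .Count valid for zero or one match.
    $targets = @(Get-ChildItem -LiteralPath $DriverDir -Filter $Pattern -File -Force)
    if ($targets.Count -eq 0) {
        Write-Host "No file matching $Pattern in $DriverDir; nothing to delete."
        return
    }

    foreach ($file in $targets) {
        # Record what is about to be removed so the change can be audited later.
        $record = [pscustomobject]@{
            Path         = $file.FullName
            Length       = $file.Length
            LastWriteUtc = $file.LastWriteTimeUtc
            Removed      = $false
        }
        # Honors -WhatIf and -Confirm; nothing is deleted unless this returns $true.
        if ($PSCmdlet.ShouldProcess($file.FullName, 'Delete file')) {
            Remove-Item -LiteralPath $file.FullName -Force -ErrorAction Stop
            $record.Removed = -not (Test-Path -LiteralPath $file.FullName)
        }
        $record
    }
}

# Dry run first: lists the matching files without deleting anything.
Remove-DefectiveCrowdStrikeFile -WhatIf

# After reviewing the list, delete the files and then boot the host normally (step 4):
# Remove-DefectiveCrowdStrikeFile -Confirm:$false
```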
Conclusion
The CrowdStrike outage was a significant event that disrupted services globally. However, the issue was quickly identified, and a solution was implemented. This incident underscores the importance of robust cybersecurity measures and the need for effective incident response strategies.
Please note that the steps provided above should be performed by a system administrator or someone with similar technical expertise. If you are an end-user experiencing problems, please contact your system administrator or IT support team. If you have any further questions or need additional assistance, feel free to reach out. We’re here to help.