November 14, 2024
CrowdStrike Update Causes Global Outage of Microsoft Services
CrowdStrike has caused a major global outage of Microsoft services including Windows and Office 365 following an update. The alleged issue brought the ‘blue screen of death’ (BSOD) to Windows devices across the world, with users unable to access the devices. Furthermore, the problem is also reported to have resulted in the disruption of services across information...

CrowdStrike, the endpoint security software, caused a major global outage of Microsoft services including Windows and Office 365, following an update on Friday. The alleged issue brought the ‘blue screen of death’ (BSOD) to Windows devices across the world, with users unable to access their devices. Furthermore, the problem is also reported to have resulted in the disruption of services across information technology (IT) companies, airports, banks and other sectors. 

CrowdStrike Error: What Happened

The issue seems to have surfaced following a CrowdStrikeupdate that resulted in ‘Blue Screen of Dealth’ on Windows devices. The error says “Your device ran into a problem and needs to restart”. However, restarting does not appear to solve the issue, with the device getting stuck in a boot loop.

Microsoft lists the error with the STOP code “PAGE_FAULT-IN-NONPAGED_AREA”. It is allegedly caused to due a failure of a CrowdStrike agent system file, as per the error log. 

CrowdStrike Error: Its Impact

Software status monitoring website Downdetector suggests the outage has impacted several Microsoft services including Microsoft Store and Microsoft 365. The platform also reports that 911 emergency services in several states in the US have also been affected. According to claims on social media, the CrowdStrike update error seems to have resulted in the disruption of services across institutions such as banks, airports and IT companies.

Berlin Air suspended all flights, attributing it to a “technical problem”, a spokesperson told AFP. All check-in and flight services were cancelled until 10am local time (1:30pm IST). Furthermore, several US airlines including Delta, United and American Airlines grounded their flights, with the Federal Aviation Administration (FAA) citing a communication issue.

India’s IndiGo Airlines issued a statement informing about the impact on its services, resulting in long waiting lines while checking in and errors while booking tickets. It attributed the problem to Microsoft Azure, stating that its digital experts are working on a solution. A similar statement was also issued by Akasa Air and Indian Airlines.

Media outlets were also reported to face issues due to the global outage of Microsoft services, with Australia’s Sky News being one of the ones affected. Furthermore, the London Stock Exchange (LSE), run by the LSE Group, also said it was facing an issue that prevented RNS news service from publishing on the LSE website.

As many as three Gadgets 360 staffers were impacted by the issue.

CrowdStrike Error: Response

CrowdStrike and Microsoft have both issued statements following the outage. Microsoft said that several “mitigation actions” were in process, while it also focussed on redirecting impacted traffic to “healthy systems”. As per a Reuters report, Microsoft acknowledged that the problem arose at 6pm ET (3:30am IST), with customers in its Central US area facing issues while accessing Azure services.

In a statement hidden behind a registration wall, CrowdStrike acknowledged the issue, stating it “is aware of crash reports”. On the CrowdStrike subreddit, the moderator also published a workaround for those who are still affected by it. To resolve it, it advised users to:

  1. Boot the Windows device into Safe Mode or open the Windows Recovery Environment
  2. Next, navigate to the C:WindowsSystem32driversCrowdStrike directory
  3. Find a file in the system directory matching “C-00000291*.sys”, and delete it
  4. Boot the host normally

In a subsequent response, the Texas-based cybersecurity company said that the problem, related to a “Falcon Sensor” on Windows following a content deployment, has been patched and the changes reverted by its engineering teams.