We are currently addressing a global issue with CrowdStrike that has led to system crashes across Windows-based workstations and servers. This problem requires manual intervention on each affected system for resolution.
- Boot your Windows system into Safe Mode or access the Windows Recovery Environment.
- Open File Explorer and go to the C:\Windows\System32\drivers\CrowdStrike folder.
- Find and delete the file named ‘C-0000029*.sys’.
- Restart your computer in normal mode.
For current clients if you need any other assistance with these instructions, please contact the Clear Byte help desk directly at Clear Byte Help Desk.
On July 19, 2024, a routine update from CrowdStrike inadvertently caused significant disruptions for Microsoft Windows users worldwide. Intended to boost security, the update led to crashes on Windows-based workstations and servers due to a conflict with specific system files and the CrowdStrike Falcon Sensor, a crucial element of their endpoint detection system.
About CrowdStrike: Founded in 2011, CrowdStrike is a prominent cybersecurity firm known for its advanced threat intelligence, endpoint protection, and proactive security measures. The company’s Falcon platform utilizes artificial intelligence and machine learning to identify and counter cyber threats in real-time, making it a trusted solution for protecting digital assets against sophisticated cyberattacks.
What Happened: The problematic update was part of CrowdStrike’s ongoing security enhancement protocol. Unfortunately, an error during the update corrupted vital system files related to the CrowdStrike driver directory, preventing systems from booting correctly and causing widespread outages.
Impact: The issue has had a far-reaching effect, particularly in sectors like healthcare, finance, and critical infrastructure. Reports of severe disruptions have come from various organizations, with some facing complete operational shutdowns. Notably affected are airports, hospitals, and major corporations, underscoring the importance of solid cybersecurity practices and emergency planning.
Current Measures: CrowdStrike has recognized the issue and is actively developing a resolution. Meanwhile, they have issued instructions for manual intervention to alleviate the immediate effects, including steps to boot into Safe Mode, remove the corrupted files, and restart the systems. CrowdStrike’s support teams are also providing assistance to impacted clients, though response times may be delayed due to high demand.
Future Prevention: To avoid similar incidents, CrowdStrike is reevaluating their update procedures and quality assurance protocols. This includes implementing improved testing environments and stricter pre-release evaluations to detect and address potential conflicts before updates are made publicly available.
For current clients if you need any other assistance with these instructions, please contact the Clear Byte help desk directly at Clear Byte Help Desk.