CrowdStrike has issued a fix for a problematic update that caused numerous Windows systems to experience the Blue Screen of Death (BSOD), rendering them inoperable.
This issue, which did not affect Mac or Linux hosts, was not a result of a security incident or cyberattack but stemmed from a defect in a single content update for Windows hosts.
The problem was traced to the Falcon Sensor update, specifically the channel file “C-00000291*.sys,” with a timestamp of 0409 UTC, which caused systems to crash with a BSOD error.
CrowdStrike’s engineering team quickly identified and isolated the issue, reverting the changes and deploying a fix. The updated channel file “C-00000291*.sys”, with a timestamp of 0527 UTC or later, should prevent further occurrences of the error.
Systems that have not been impacted do not require any action, and those brought online after 0527 UTC will also not be affected.
The faulty update significantly impacted various sectors, including banks, airlines, supermarkets, and television broadcasters, causing widespread disruption.
IT administrators were advised to manually boot affected systems into Safe Mode or the Windows Recovery Environment to delete the problematic driver file. This workaround, while effective, often required physical access to the machines and could be complicated by disk encryption tools like BitLocker.
CrowdStrike has also provided solutions for addressing AWS, Azure, and BitLocker recovery issues.
The incident underscores the risks associated with automatic updates for security software and highlights the need for rigorous testing and staged rollout policies.
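A triage check built on the two timestamps reported above, as an added example that is not CrowdStrike's tooling or code from this article: it labels each “C-00000291*.sys” file in a directory by its UTC modification time and gives a per-host verdict. Assumptions: the reported "timestamp" is the file's last-modified time, the incident date is passed in by the caller because the article gives only times of day, and the directory is whichever folder or mounted volume holds the channel files; the function names are illustrative.

```python
import sys
from datetime import date, datetime, time, timezone
from pathlib import Path

PATTERN = "C-00000291*.sys"  # channel file name pattern quoted in the article
DEFECT_TIME = time(4, 9)     # 0409 UTC: the defective version
FIX_TIME = time(5, 27)       # 0527 UTC or later: the reverted version


def classify(mtime_utc, incident_day):
    """Map one file's UTC modification time to a triage label."""
    defect = datetime.combine(incident_day, DEFECT_TIME, tzinfo=timezone.utc)
    fixed = datetime.combine(incident_day, FIX_TIME, tzinfo=timezone.utc)
    if mtime_utc >= fixed:
        return "fixed"
    # File timestamps carry seconds, so match anywhere inside the 04:09 minute.
    if mtime_utc.replace(second=0, microsecond=0) == defect:
        return "defective"
    if mtime_utc < defect:
        return "older"    # predates the defective update
    return "unknown"      # a time the article does not describe; inspect by hand


def scan(directory, incident_day):
    """Label every matching channel file in a directory: {file name: label}."""
    labels = {}
    for path in sorted(Path(directory).glob(PATTERN)):
        mtime = datetime.fromtimestamp(path.stat().st_mtime, tz=timezone.utc)
        labels[path.name] = classify(mtime, incident_day)
    return labels


def host_verdict(labels):
    """Any defective file means the host needs the manual workaround."""
    if "defective" in labels.values():
        return "remediate"
    if "unknown" in labels.values():
        return "review"
    return "ok"  # only fixed or older files, or no matching file at all


if __name__ == "__main__":
    # usage: triage.py <directory> <incident date, YYYY-MM-DD>
    found = scan(sys.argv[1], date.fromisoformat(sys.argv[2]))
    for name, label in found.items():
        print(f"{label:10} {name}")
    print("verdict:", host_verdict(found))
```

Because the comparison is done in UTC, the result does not depend on the time zone of the machine running the check.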