CrowdStrike Windows Outage
Across the world, Windows computers have been affected by the dreaded Blue Screen of Death (BSOD). This appears to have been caused by an outage of services provided by the cyber security provider CrowdStrike, and has impacted a large number of organisations – from banks to airlines.
According to recent announcements, “CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts,” CrowdStrike CEO George Kurtz said on X. “Mac and Linux hosts are not impacted. This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed.”
Information has been released on the CrowdStrike website, stating that:
CrowdStrike is aware of reports of crashes on Windows hosts related to the Falcon Sensor.
- Channel file “C-00000291*.sys” with timestamp of 0409 UTC is the problematic version.
- Symptoms include hosts experiencing a bugcheck\blue screen error related to the Falcon Sensor.
- Windows hosts which have not been impacted do not require any action as the problematic channel file has been reverted.
- Windows hosts which are brought online after 0527 UTC will also not be impacted.
- Hosts running Windows 7/2008 R2 are not impacted.
- This issue is not impacting Mac- or Linux-based hosts.
- Channel file “C-00000291*.sys” with timestamp of 0527 UTC or later is the reverted (good) version.
Stripe OLT’s clients have not been affected by the issue, but for those who have been, or who have customers or suppliers that are concerned about their own systems, the full update from CrowdStrike is available here: Statement on Falcon Content Update for Windows Hosts – crowdstrike.com
Microsoft are of course aware of the issue:
Microsoft said it is taking “mitigation actions” after service issues it said started at about 6 p.m. Eastern Time.
They comment further saying, “We’re aware of an issue affecting Windows devices due to an update from a third-party software platform.”
If you are a user of CrowdStrike software and have been impacted by the outage, the current advice is to follow these steps to recover your systems:
1) Boot Windows into Safe Mode or the Windows Recovery Environment
2) Navigate to the C:\Windows\System32\drivers\CrowdStrike directory
3) Locate the file matching “C-00000291*.sys”, and delete it.
4) Boot the host normally.
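
One way to check a host against the channel-file timestamps listed above, as an added PowerShell example that is not CrowdStrike's or Stripe OLT's own tooling. It assumes the advisory's timestamp corresponds to the file's last-write time in UTC; the parameter names are hypothetical, and the date is supplied by the operator because the advisory text gives only times of day.

```powershell
# Added example: report C-00000291*.sys channel files and classify them by the
# UTC timestamps quoted in the advisory. Deletes nothing unless -Remove is given.
[CmdletBinding(SupportsShouldProcess = $true)]
param(
    # Assumption: the operator supplies the UTC date of the content update;
    # the advisory text gives only the times of day (0409 and 0527 UTC).
    [Parameter(Mandatory = $true)]
    [datetime]$IncidentDateUtc,

    # Directory from step 2; change the drive letter if the system volume is
    # mounted under a different one.
    [string]$DriverDir = 'C:\Windows\System32\drivers\CrowdStrike',

    [switch]$Remove
)

$day      = $IncidentDateUtc.Date
$badFrom  = $day.AddHours(4).AddMinutes(9)    # 0409 UTC: problematic version
$badUntil = $badFrom.AddMinutes(1)
$goodFrom = $day.AddHours(5).AddMinutes(27)   # 0527 UTC or later: reverted version

if (-not (Test-Path -LiteralPath $DriverDir -PathType Container)) {
    Write-Warning "Directory not found: $DriverDir"
    return
}

$files = @(Get-ChildItem -LiteralPath $DriverDir -Filter 'C-00000291*.sys' -File)
if ($files.Count -eq 0) {
    Write-Output "No C-00000291*.sys channel file in $DriverDir"
    return
}

foreach ($f in $files) {
    # Assumption: the advisory's "timestamp" is the file's last-write time.
    $ts = $f.LastWriteTimeUtc
    if ($ts -ge $goodFrom) { $status = 'reverted (good)' }
    elseif ($ts -ge $badFrom -and $ts -lt $badUntil) { $status = 'problematic' }
    else { $status = 'unclassified: review manually' }

    [pscustomobject]@{ File = $f.Name; LastWriteUtc = $ts.ToString('u'); Status = $status }

    # Only the file matching the problematic timestamp is deleted (step 3);
    # -WhatIf previews the deletion without performing it.
    if ($Remove -and $status -eq 'problematic') {
        Remove-Item -LiteralPath $f.FullName -Force
    }
}
```

Run it from an elevated PowerShell session in Safe Mode; files reported as unclassified are left in place for manual review against the advisory.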
For those that are concerned about the security of their organisation, please reach out to our team via hello@stripeolt.com.