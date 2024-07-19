TL;DR Windows is experiencing a major outage, as many business computers are experiencing a Blue Screen of Death (BSOD) when trying to boot.

The outage has vastly impacted businesses like banks, airlines and airports, emergency services, and more.

The issue relates to a faulty CrowdStrike update, but the fix will likely have to be manually applied to all affected machines.

If you are trying to log into your work computer this morning and have been greeted with a Blue Screen of Death (BSOD) on that Windows machine, you are not alone. Windows seems to be facing a major outage that has widely affected businesses all over the world, with reports from regions including the US, EU, SEA, and more.

Something super weird happening right now: just been called by several totally different media outlets in the last few minutes, all with Windows machines suddenly BSoD’ing (Blue Screen of Death). Anyone else seen this? Seems to be entering recovery mode: pic.twitter.com/DxdLyA9BLA — Troy Hunt (@troyhunt) July 19, 2024

This issue is impacting businesses across the spectrum, including, but not limited to, banks, airlines and airports, transport systems, media houses, emergency services, and more.

🔺 ALL 9-1-1 AND NON EMERGENCY CALLS ARE BEING REROUTED TO ANOTHER EMERGENCY COMMUNICATIONS CENTER — 911 Emergency Communications Dispatcher (@EastCoastAlert) July 19, 2024

As you can imagine, chaos has erupted over such a widespread global outage, grinding many critical businesses to a halt as entire organizations have been unable to access their work computers.

Airlines have even had to resort to issuing handwritten boarding passes as the outage has vastly impacted the functioning of airports.

The Microsoft / CrowdStrike outage has taken down most airports in India. I got my first hand-written boarding pass today 😅 pic.twitter.com/xsdnq1Pgjr — Akshay Kothari (@akothari) July 19, 2024

The issue is being pinned to a faulty update from CrowdStrike, a cybersecurity provider that helps detect and respond to cyberattacks like ransomware. All of these businesses rely on CrowdStrike’s Falcon threat checker, and are unable to function consequently.

CrowdStrike has confirmed an issue on its backend and also publicly acknowledged an issue through a Reddit post.

For the time being, CrowdStrike recommends the following workaround: Boot Windows into Safe Mode or the Windows Recovery Environment. Navigate to the C:\Windows\System32\drivers\CrowdStrike directory Locate the file matching “C-00000291*.sys” and delete it. Boot the host normally. This workaround will likely need to be carried out by your organization’s IT team. If you are facing the issue, contact your IT team. Given the scale of disruption, there is a chance that they already know about the issue and how to fix it, but fixing it will take time.

CrowdStrike CEO and President George Kurtz issued the following statement:

While the issue has been detected and the faulty update has been reverted, this hasn’t helped businesses come back online until they delete the problematic file, which may be very difficult in many instances. Since the computers are bootlooping into death, they are unable to receive the reverted update. For businesses that rely on thousands of working machines, fixing them manually is going to take quite some time.

We will update the article when we have more information about this to share. For now, if you are impacted and are not part of your organization’s IT team, there is very little that you can do.

