Microsoft global outage: CrowdStrike CEO addresses disruption, says, ‘Fix already deployed, it’s not a cyberattack.’

CrowdStrike's President and CEO, George Kurtz, has addressed the widespread disruptions caused by a recent update to the company's Falcon sensor. This update has left numerous PCs stuck at the recovery screen, significantly impacting operations at airports, companies, banks, and government offices worldwide.

In a post on X, Kurtz reassured customers and stakeholders, stating, “CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted. This is not a security incident or cyberattack. The issue has been identified, isolated, and a fix has been deployed.”

Kurtz emphasized that CrowdStrike is fully committed to resolving the problem and restoring normal operations. He directed affected customers to the company's support portal for the latest updates and assured continuous communication through their website.

“We further recommend organizations ensure they’re communicating with CrowdStrike representatives through official channels. Our team is fully mobilized to ensure the security and stability of CrowdStrike customers,” he added.

The global outage has raised concerns about the reliability of software updates and their potential to disrupt critical infrastructure. The company has rolled back the problematic update and released fixes to address the crashes. Despite this, some Windows hosts continue to experience the Blue Screen of Death (BSOD) associated with the Falcon sensor.

To address the workflow disruption in India, Union Minister of Information and Technology, Ashwini Vaishnaw, has announced that the Ministry of Electronics and Information Technology (MEITY) is collaborating with Microsoft and its partners to tackle a widespread Windows 10 outage.

Moreover, the CERT-In has also issued an advisory (CIAD-2024-0035) detailing the issue. The advisory notes that affected Windows hosts are crashing due to the recent update from CrowdStrike.

To resolve this, users are advised to follow these steps:

Boot Windows in Safe Mode or Windows Recovery Environment.

Navigate to the C:\Windows\System32\drivers\CrowdStrike directory.

Delete the file matching "C-00000291*.sys".

Reboot the system normally.