Good morning,
Summary: Organizations, including government and Public Safety agencies, are reporting a “blue screen of death” and reboot loop on systems with a Crowdstrike Update that was deployed overnight by the vendor. For any organization with Crowdstrike endpoint security solution deployed we suggest implementing the below workaround steps.
CrowdStrike is aware of reports of crashes on Windows hosts related to the Falcon Sensor. Details Symptoms include hosts experiencing a bugcheckblue screen error related to the Falcon Sensor. Current Action CrowdStrike Engineering has identified a content deployment related to this issue and reverted those changes. If hosts are still crashing and unable to stay online to receive the Channel File Changes, the following steps can be used to workaround this issue:
Workaround Steps:
- Boot Windows into Safe Mode or the Windows Recovery Environment
- Navigate to the C:WindowsSystem32driversCrowdStrike directory
- Locate the file matching “C-00000291*.sys”, and delete it.
- Boot the computer normally.
Instructions for Booting Windows into Safe Mode: https://support.microsoft.com/en-us/windows/start-your-pc-in-safe-mode-in-windows-92c27cff-db89-8644-1ce4-b3e5e56fe234
Latest Updates 2024-07-19 05:30 AM UTC | Tech Alert Published. 2024-07-19 06:30 AM UTC | Updated and added workaround details.
