Botched CrowdStrike security update breaks Windows worldwide, causing BSOD and crashes



 Neowin:

Multiple companies worldwide are currently forced to suspend their operations due to a faulty cybersecurity update from CrowdStrike. The update is taking down thousands of Windows computers, causing them to boot loop and crash to a blue screen of death.

Affected companies include banks, airlines, TV channels, and more, and some of them are forced to halt their jobs almost completely, with most Windows PCs not working due to the Falcon Sensor agent from CrowdStrike, a system that monitors network activity and prevents cyberattacks. One user from Malaysia said on Reddit that 70% of their laptops are now stuck in a boot loop.


UPDATE:
www.crowdstrike.com

Falcon Content Update Remediation and Guidance Hub | CrowdStrike

Access consolidated remediation and guidance resources for the CrowdStrike Falcon content update affecting Windows hosts.
www.crowdstrike.com www.crowdstrike.com

KB5042421: CrowdStrike issue impacting Windows endpoints causing an 0x50 or 0x7E error message on a blue screen - Microsoft Support

support.microsoft.com support.microsoft.com

techcommunity.microsoft.com

New Recovery Tool to help with CrowdStrike issue impacting Windows endpoints | Microsoft Community Hub

Steps for how to access and use the new recovery tool Microsoft created - updated on July 31, July 23, July 22, and July 21. The tool provides two recovery...
techcommunity.microsoft.com techcommunity.microsoft.com

www.neowin.net

How to fix CrowdStrike BSOD issue on Windows PCs [Update]

We now have the official fix from CrowdStrike on how to deal with the Falcon Sensor for Windows update error which caused a critical issue that is currently affecting tons of PCs worldwide.
www.neowin.net www.neowin.net

Recovery options for Azure Virtual Machines (VM) affected by CrowdStrike Falcon agent | Microsoft Community Hub

We are aware of an issue that started on 19 July 2024 at 04:09UTC, which resulted in customers experiencing unresponsiveness and startup failures on Windows...
techcommunity.microsoft.com techcommunity.microsoft.com
techcommunity.microsoft.com

Recovery options for Azure Virtual Desktop session host VMs

Learn how to restore and recover Azure Virtual Desktop session host VMs affected by the CrowdStrike issue.
techcommunity.microsoft.com


CrowdStrike issue impacting Windows endpoints causing an error message on a blue screen
Microsoft has identified an issue impacting Windows endpoints that are running the CrowdStrike Falcon agent. These endpoints may encounter an error message on a blue screen and experience a continual restarting state.

We have received reports of successful recovery from some customers attempting multiple restart operations on affected Windows endpoints.

To mitigate this issue, follow these steps:
  1. Start Windows into Safe Mode or the Windows Recovery Environment.
  2. Navigate to the C:\Windows\System32\drivers\CrowdStrike directory
  3. Locate the file matching “C-00000291*.sys”, and delete it.
  4. Restart the device.
  5. Recovery of systems requires a Bitlocker key in some cases.
For Windows Virtual Machines running on Azure follow the mitigation steps in Azure status

Additional details from CrowdStrike are available here: Statement on Windows Sensor Update - CrowdStrike Blog

learn.microsoft.com

Windows message center

Windows message center
learn.microsoft.com


 Read more:

Helping our customers through the CrowdStrike outage - The Official Microsoft Blog

On July 18, CrowdStrike, an independent cybersecurity company, released a software update that began impacting IT systems globally. Although this was not a Microsoft incident, given it impacts our ecosystem, we want to provide an update on the steps we’ve taken with CrowdStrike and others to...
blogs.microsoft.com blogs.microsoft.com

www.neowin.net

Botched security update breaks Windows worldwide, causing BSOD and crashes

Windows systems across the world are not having a good time right now. A botched security update from CrowdStrike is taking down Windows PCs, causing blue screens of death, crashes, and more.
www.neowin.net www.neowin.net

www.bbc.co.uk

Chaos persists as IT outage could take time to fix, says cybersecurity firm boss

Airports, banking and healthcare were all hit when a Crowdstrike update triggered huge Microsoft outages.
www.bbc.co.uk

www.neowin.net

CrowdStrike CEO: It "could be some time" for all systems to recover from software outage

CrowdStrike CEO George Kurtz stated in his first TV interview since this morning's worldwide Windows-based software outage that it "could be some time" before all the systems affected by it recover.
www.neowin.net www.neowin.net

www.csoonline.com

Blue screen of death strikes crowd of CrowdStrike servers

A bad software update from security software vendor CrowdStrike has paralyzed Windows machines around the world.
www.csoonline.com www.csoonline.com
 
Last edited by a moderator:
Click to expand...
andrew129260 said:
Organizations have things set up that are out of your hands man. We don't have pxe anything. I can only change what I can change.

Also our systems are locked down and don't have that option to boot from that. It only allows boot from a locked bitlocker drive. I cannot alter the bios.

And even if we had pxe it would still be wiping the system or restoring from a backup, which you still need to touch each machine to tell it to boot from pxe.

I only have the tools I have. 🤷‍♀️

Also clients with laptops that are not in the office, good luck with that.
Click to expand...
That's exactly my point. You are toolless because they are clueless.
learn.microsoft.com

Configure a PXE server to load Windows PE (Windows 10) - Windows Deployment

This article describes how to configure a PXE server to load Windows PE so that it can be used with an image file to install Windows 10 from the network.
learn.microsoft.com
learn.microsoft.com

Wpeinit and Startnet.cmd: Using WinPE Startup Scripts

Wpeinit and Startnet.cmd: Using WinPE Startup Scripts
learn.microsoft.com
 

My Computers

System One System Two

  • OS
    11 Home
    Computer type
    Laptop
    Manufacturer/Model
    Asus TUF Gaming F16 (2024)
    CPU
    i7 13650HX
    Memory
    16GB DDR5
    Graphics Card(s)
    GeForce RTX 4060 Mobile
    Sound Card
    Eastern Electric MiniMax DAC Supreme; Emotiva UMC-200; Astell & Kern AK240
    Monitor(s) Displays
    Sony Bravia XR-55X90J
    Screen Resolution
    3840×2160
    Hard Drives
    512GB SSD internal
    37TB external
    PSU
    Li-ion
    Cooling
    2× Arc Flow Fans, 4× exhaust vents, 5× heatpipes
    Keyboard
    Logitech K800
    Mouse
    Logitech G402
    Internet Speed
    20Mbit/s up, 250Mbit/s down
    Browser
    FF
  • Operating System
    11 Home
    Computer type
    Laptop
    Manufacturer/Model
    Medion S15450
    CPU
    i5 1135G7
    Memory
    16GB DDR4
    Graphics card(s)
    Intel Iris Xe
    Sound Card
    Eastern Electric MiniMax DAC Supreme; Emotiva UMC-200; Astell & Kern AK240
    Monitor(s) Displays
    Sony Bravia XR-55X90J
    Screen Resolution
    3840×2160
    Hard Drives
    2TB SSD internal
    37TB external
    PSU
    Li-ion
    Mouse
    Logitech G402
    Keyboard
    Logitech K800
    Internet Speed
    20Mbit/s up, 250Mbit/s down
    Browser
    FF
antspants said:
I didn’t notice a thing and I’ve been computing online all day.
Click to expand...
Yep, no problems and I usually let my PC idle all night long. So I would have known if Windows was in fatal-kernel-error-mode.
 

My Computers

System One System Two

  • OS
    Windows 11 Pro x64 23H2
    Computer type
    PC/Desktop
    CPU
    Ryzen 9 5900X
    Motherboard
    ASRock B550 PG Velocita (UEFI-BIOS P3.40)
    Memory
    32 GB G.Skill F4-3200C16D-32GVR
    Graphics Card(s)
    Sparkle Titan Arc A770 16 GB
    Monitor(s) Displays
    Alienware AW3423DWF OLED ultrawide
    Hard Drives
    Western Digital Black SN850 1 TB NVMe SSD
    PSU
    eVGA Supernova 750 G3
    Case
    Corsair 275R
    Internet Speed
    VTel FTTH 1 Gb down and 1 Gb up
  • Computer type
    PC/Desktop
    CPU
    Ryzen 7 5800X3D
    Motherboard
    Asus ROG Strix B550-F Gaming (UEFI-BIOS version 3607)
    Memory
    32 GB (2x16 GB G.Skill TridentZ Neo)
    Graphics card(s)
    Sapphire Nitro+ Radeon RX 6750 XT
    Hard Drives
    Samsung 970 Pro 512 GB NVMe SSD
    PSU
    eVGA Supernova 650 GQ
    Case
    Fractal Focus G
RJARRRPCGP said:
Yep, no problems and I usually let my PC idle all night long. So I would have known if Windows was in fatal-kernel-error-mode.
Click to expand...
thats because you dont use crowdstrike :)
 

My Computers

System One System Two

  • OS
    Windows 11 Pro
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom Built
    CPU
    Ryzen 7 5700 X3D
    Motherboard
    MSI MPG B550 GAMING PLUS
    Memory
    64 GB DDR4 3600mhz Gskill Ripjaws V
    Graphics Card(s)
    RTX 4070 Super , 12GB VRAM Asus EVO Overclock
    Monitor(s) Displays
    Gigabyte M27Q (rev. 2.0) 2560 x 1440 @ 170hz HDR
    Hard Drives
    2TB Samsung nvme ssd
    2TB XPG nvme ssd
    PSU
    CORSAIR RMx SHIFT Series™ RM750x 80 PLUS Gold Fully Modular ATX Power Supply
    Case
    CORSAIR 3500X ARGB Mid-Tower ATX PC Case – Black
    Cooling
    ID-COOLING FROSTFLOW X 240 CPU Water Cooler
    Internet Speed
    900mbps DOWN, 100mbps UP
  • Operating System
    Chrome OS
    Computer type
    Laptop
    Manufacturer/Model
    HP Chromebook
    CPU
    Intel Pentium Quad Core
    Memory
    4GB LPDDR4
    Monitor(s) Displays
    14 Inch HD SVA anti glare micro edge display
    Hard Drives
    64 GB emmc
andrew129260 said:
thats because you dont use crowdstrike :)
Click to expand...
I then quickly knew it was a CrowdStrike issue, even when I went to a video reporting this, because I wasn't having new crash issues with the July patch-Tuesday.
 

My Computers

System One System Two

  • OS
    Windows 11 Pro x64 23H2
    Computer type
    PC/Desktop
    CPU
    Ryzen 9 5900X
    Motherboard
    ASRock B550 PG Velocita (UEFI-BIOS P3.40)
    Memory
    32 GB G.Skill F4-3200C16D-32GVR
    Graphics Card(s)
    Sparkle Titan Arc A770 16 GB
    Monitor(s) Displays
    Alienware AW3423DWF OLED ultrawide
    Hard Drives
    Western Digital Black SN850 1 TB NVMe SSD
    PSU
    eVGA Supernova 750 G3
    Case
    Corsair 275R
    Internet Speed
    VTel FTTH 1 Gb down and 1 Gb up
  • Computer type
    PC/Desktop
    CPU
    Ryzen 7 5800X3D
    Motherboard
    Asus ROG Strix B550-F Gaming (UEFI-BIOS version 3607)
    Memory
    32 GB (2x16 GB G.Skill TridentZ Neo)
    Graphics card(s)
    Sapphire Nitro+ Radeon RX 6750 XT
    Hard Drives
    Samsung 970 Pro 512 GB NVMe SSD
    PSU
    eVGA Supernova 650 GQ
    Case
    Fractal Focus G
andrew129260 said:
I understand your opinion I really do. But it's not a perfect world, and I cannot change corporate policy. Many companies are not going to pay to have two different antivirus companies so that this doesn't happen. Or have the team or resources to test each antivirus update. Or if the antivirus even offers a management console to begin with to deny or approve updates.

I know it seems easy to just have backups in place and just have a solution, but that is not always possible. Also not everyone in IT is as smart as a lot of the people in here. I know I am not. I do what I can with what I have. And that is all I can do. I learn as much as I can.

Corporate especially is a whole other animal. Trying to get them to do the right thing or have good procedures is like pulling teeth.

Maybe there is things they could do, but I just don't think its practical enough. stuff happens. And unfortunately many people and organizations it happened today.
Click to expand...
I’m not unsympathetic to your troubles, Andrew 🙏 It’s a horrible status.
 

My Computers

System One System Two

  • OS
    Windows 11 Pro 23H2 Build 22631.4249
    Computer type
    PC/Desktop
    Manufacturer/Model
    Sin-built
    CPU
    Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz (4th Gen?)
    Motherboard
    ASUS ROG Maximus VI Formula
    Memory
    32.0 GB of I forget and the box is in storage.
    Graphics Card(s)
    Gigabyte nVidia GeForce GTX 1660 Super OC 6GB
    Sound Card
    Onboard
    Monitor(s) Displays
    4 x LG 23MP75 - 2 x 24MK430H-B - 1 x Wacom Pro 22" Tablet
    Screen Resolution
    All over the place
    Hard Drives
    Too many to list.
    OS on Samsung 1TB 870 QVO SATA
    PSU
    Silverstone 1500
    Case
    NZXT Phantom 820 Full-Tower Case
    Cooling
    Noctua NH-D15 Elite Class Dual Tower CPU Cooler / 6 x EziDIY 120mm / 2 x Corsair 140mm somethings / 1 x 140mm Thermaltake something / 2 x 200mm Corsair.
    Keyboard
    Corsair K95 / Logitech diNovo Edge Wireless
    Mouse
    Logitech G402 / G502 / Mx Masters / MX Air Cordless
    Internet Speed
    100/40Mbps
    Browser
    All sorts
    Antivirus
    Kaspersky Premium
    Other Info
    I’m on a horse.
  • Operating System
    Windows 11 Pro 23H2 Build: 22631.4249
    Computer type
    Laptop
    Manufacturer/Model
    LENOVO Yoga 7i EVO OLED 14" Touchscreen i5 12 Core 16GB/512GB
    CPU
    Intel Core 12th Gen i5-1240P Processor (1.7 - 4.4GHz)
    Memory
    16GB LPDDR5 RAM
    Graphics card(s)
    Intel Iris Xe Graphics Processor
    Sound Card
    Optimized with Dolby Atmos®
    Screen Resolution
    QHD 2880 x 1800 OLED
    Hard Drives
    M.2 512GB
    Other Info
    …still on a horse.
andrew129260 said:
thats because you dont use crowdstrike :)
Click to expand...
lmao

aE0nYyp_700bwp.webp
 

My Computers

System One System Two

  • OS
    11 Home
    Computer type
    Laptop
    Manufacturer/Model
    Asus TUF Gaming F16 (2024)
    CPU
    i7 13650HX
    Memory
    16GB DDR5
    Graphics Card(s)
    GeForce RTX 4060 Mobile
    Sound Card
    Eastern Electric MiniMax DAC Supreme; Emotiva UMC-200; Astell & Kern AK240
    Monitor(s) Displays
    Sony Bravia XR-55X90J
    Screen Resolution
    3840×2160
    Hard Drives
    512GB SSD internal
    37TB external
    PSU
    Li-ion
    Cooling
    2× Arc Flow Fans, 4× exhaust vents, 5× heatpipes
    Keyboard
    Logitech K800
    Mouse
    Logitech G402
    Internet Speed
    20Mbit/s up, 250Mbit/s down
    Browser
    FF
  • Operating System
    11 Home
    Computer type
    Laptop
    Manufacturer/Model
    Medion S15450
    CPU
    i5 1135G7
    Memory
    16GB DDR4
    Graphics card(s)
    Intel Iris Xe
    Sound Card
    Eastern Electric MiniMax DAC Supreme; Emotiva UMC-200; Astell & Kern AK240
    Monitor(s) Displays
    Sony Bravia XR-55X90J
    Screen Resolution
    3840×2160
    Hard Drives
    2TB SSD internal
    37TB external
    PSU
    Li-ion
    Mouse
    Logitech G402
    Keyboard
    Logitech K800
    Internet Speed
    20Mbit/s up, 250Mbit/s down
    Browser
    FF
I wish I could laugh emoji that post way more than possible. oh yeah, and cry
 

My Computers

System One System Two

  • OS
    Windows 11 Pro
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom Built
    CPU
    Ryzen 7 5700 X3D
    Motherboard
    MSI MPG B550 GAMING PLUS
    Memory
    64 GB DDR4 3600mhz Gskill Ripjaws V
    Graphics Card(s)
    RTX 4070 Super , 12GB VRAM Asus EVO Overclock
    Monitor(s) Displays
    Gigabyte M27Q (rev. 2.0) 2560 x 1440 @ 170hz HDR
    Hard Drives
    2TB Samsung nvme ssd
    2TB XPG nvme ssd
    PSU
    CORSAIR RMx SHIFT Series™ RM750x 80 PLUS Gold Fully Modular ATX Power Supply
    Case
    CORSAIR 3500X ARGB Mid-Tower ATX PC Case – Black
    Cooling
    ID-COOLING FROSTFLOW X 240 CPU Water Cooler
    Internet Speed
    900mbps DOWN, 100mbps UP
  • Operating System
    Chrome OS
    Computer type
    Laptop
    Manufacturer/Model
    HP Chromebook
    CPU
    Intel Pentium Quad Core
    Memory
    4GB LPDDR4
    Monitor(s) Displays
    14 Inch HD SVA anti glare micro edge display
    Hard Drives
    64 GB emmc
andrew129260 said:
I wish I could laugh emoji that post way more than possible. oh yeah, and cry
Click to expand...
At least when I made a big whoops back in 1995 or 1994, most likely, (maybe 1996? Even when I have a doubt about that!) when I ended up deleting a file that turned out to be for Novell Netware on a Windows 3.1 computer, IIRC, back when I still hardly knew about computers, nothing got taken out anything campus-wide. Just that the PC for the group home I was in, couldn't log in! I suddenly saw an error message about a Netware file being missing, when in Windows 3.1, IIRC.
I learned and made sure to never make a whoops like that again!
 
Last edited:

My Computers

System One System Two

  • OS
    Windows 11 Pro x64 23H2
    Computer type
    PC/Desktop
    CPU
    Ryzen 9 5900X
    Motherboard
    ASRock B550 PG Velocita (UEFI-BIOS P3.40)
    Memory
    32 GB G.Skill F4-3200C16D-32GVR
    Graphics Card(s)
    Sparkle Titan Arc A770 16 GB
    Monitor(s) Displays
    Alienware AW3423DWF OLED ultrawide
    Hard Drives
    Western Digital Black SN850 1 TB NVMe SSD
    PSU
    eVGA Supernova 750 G3
    Case
    Corsair 275R
    Internet Speed
    VTel FTTH 1 Gb down and 1 Gb up
  • Computer type
    PC/Desktop
    CPU
    Ryzen 7 5800X3D
    Motherboard
    Asus ROG Strix B550-F Gaming (UEFI-BIOS version 3607)
    Memory
    32 GB (2x16 GB G.Skill TridentZ Neo)
    Graphics card(s)
    Sapphire Nitro+ Radeon RX 6750 XT
    Hard Drives
    Samsung 970 Pro 512 GB NVMe SSD
    PSU
    eVGA Supernova 650 GQ
    Case
    Fractal Focus G
Crowdstrike must use the same QA team as Microsoft! None.
 

My Computers

System One System Two

  • OS
    Windows 11 Pro 23H2
    Computer type
    PC/Desktop
    Manufacturer/Model
    Homegrown
    CPU
    AMD 5950X
    Motherboard
    Asus ROG Crosshair VIII Dark Hero
    Memory
    128GB
    Graphics Card(s)
    NVidia RTX 4070TI Super
    Sound Card
    Built-in Realtec Audio
    Monitor(s) Displays
    2x Dell 27"
    Screen Resolution
    2560x1440
    Hard Drives
    OS = Western Digital Black NVME 2TB
    DATA = Sabrent Rocket NVME 1TB
    2x Samsung SSD (Virtual Machines)
    3x Western Digital (4TB, 6TB & 8TB)
    PSU
    Corsair CM1000
    Case
    Corsair 700D
    Cooling
    Corsair H115i RGB Pro XT
    Keyboard
    Corsair Strafe 2
    Mouse
    Logitech Trackball
  • Operating System
    Pop!_OS 22.04
    Computer type
    Laptop
    Manufacturer/Model
    System76/Gazelle
    CPU
    i7-10750H
    Memory
    64GB
    Graphics card(s)
    NVIDIA GeForce GTX 1650 Ti Mobile
    Screen Resolution
    1920x1080
    Hard Drives
    1TB Samsung 970 Evo Plus
Las Vegas

d9b
 

My Computers

System One System Two

  • OS
    11 Home
    Computer type
    Laptop
    Manufacturer/Model
    Asus TUF Gaming F16 (2024)
    CPU
    i7 13650HX
    Memory
    16GB DDR5
    Graphics Card(s)
    GeForce RTX 4060 Mobile
    Sound Card
    Eastern Electric MiniMax DAC Supreme; Emotiva UMC-200; Astell & Kern AK240
    Monitor(s) Displays
    Sony Bravia XR-55X90J
    Screen Resolution
    3840×2160
    Hard Drives
    512GB SSD internal
    37TB external
    PSU
    Li-ion
    Cooling
    2× Arc Flow Fans, 4× exhaust vents, 5× heatpipes
    Keyboard
    Logitech K800
    Mouse
    Logitech G402
    Internet Speed
    20Mbit/s up, 250Mbit/s down
    Browser
    FF
  • Operating System
    11 Home
    Computer type
    Laptop
    Manufacturer/Model
    Medion S15450
    CPU
    i5 1135G7
    Memory
    16GB DDR4
    Graphics card(s)
    Intel Iris Xe
    Sound Card
    Eastern Electric MiniMax DAC Supreme; Emotiva UMC-200; Astell & Kern AK240
    Monitor(s) Displays
    Sony Bravia XR-55X90J
    Screen Resolution
    3840×2160
    Hard Drives
    2TB SSD internal
    37TB external
    PSU
    Li-ion
    Mouse
    Logitech G402
    Keyboard
    Logitech K800
    Internet Speed
    20Mbit/s up, 250Mbit/s down
    Browser
    FF
RD Mercer said:
Can't wait to see what CrowdStrike does with all of the electronic voting machines on election day here. I wonder is this a test run for the "UPDATE” they’re going to install on the voting machines this November?
Click to expand...
1M.jpg

My Crowdstrike stock took a hit today, down 11%...still up 128% since I bought it ;)

ExEb8zF.jpg

d4stUcb.jpg

A Guy
 

My Computers

System One System Two

  • OS
    Windows 10 Home x64
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom
    CPU
    INTEL Core i5-11400
    Motherboard
    ASUS PRIME H570-PLUS
    Memory
    KINGSTON HyperX Fury Black DDR4 16GB (2 x 8GB) 3200MHz, CL16
    Graphics Card(s)
    EVGA GeForce GTX 750 Superclocked 1GB 128-Bit GDDR5
    Monitor(s) Displays
    LG 32MA68HY 32" IPS
    Screen Resolution
    1920 x 1080
    Hard Drives
    SAMSUNG 250GB 970 EVO Plus NVMe, M.2 SSD, Crucial 250GB MX500, SEAGATE 500GB Barracuda® 7200.12, SATA 3 Gb/s, 7200 RPM, 16MB cache
    PSU
    CORSAIR RM550x 80 PLUS Gold 550W
    Case
    ANTEC P10 FLUX
    Cooling
    be quiet! Pure Rock 2, 5 x 120 mm Case Fans
    Internet Speed
    480 + Mbps Up/ 12+ Mbps Down
    Browser
    Vivaldi Snapshot
    Antivirus
    Avast
  • Operating System
    Windows 10 Home x64
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom
    CPU
    Intel Core i5-750
    Motherboard
    ASUS P7P55D
    Memory
    Kingston HyperX Fury Black 8GB (2x4GB) DDR3-1600MHz CL8
    Graphics card(s)
    MSI GeForce GT 240 N240GT-MD1G/D5 1 GB DDR5
    Monitor(s) Displays
    LG 32MA68HY 32" IPS
    Screen Resolution
    1980x1040
    Hard Drives
    Samsung Electronics 840 EVO 120GB, SEAGATE 500GB Barracuda® 7200.12, SATA 3 Gb/s, 7200 RPM, 16MB cache
    PSU
    Antec TruePower New TP-550 550W
    Case
    Antec 300
    Cooling
    Cooler Master Hyper 212+, 4 Noctua NF-P12 120mm, 1 Noctua NF-P14 FLX
    Internet Speed
    480+ Mbps Down/12+Mbps Up
    Browser
    Vivaldi Snapshot
    Antivirus
    Avast
@andrew129260

This was the fix:

del /f /q "C:\Windows\System32\drivers\CrowdStrike\C-00000291*.sys"

After doing that everything was back to normal.

Yes, easy to understand, EXCEPT:

if, as you surely point out, these CrowdStrike updates are silently automated, then having deleted the little beggar and rebooting, you must be in exactly the same situation because naughty sys file will auto load again. That is, a corrupted update is again causing continuous Blue Screening. Unless, either CrowdStrike has replaced the corrupt sys file so the replacement is now auto loaded and hunky dory eats ice cream; or after deleting the delinquent but before reboot you disconnect from the internet, following which you have an uncorrupted PC working flawlessly but unable to perform normal net contact.
 

My Computer

System One

  • OS
    Windows 11
    Computer type
    Laptop
    Manufacturer/Model
    HP 15s_du1xxx
    CPU
    Intel i5 10210U
    Motherboard
    85F1
    Memory
    16Gb
    Graphics Card(s)
    Intel UHD
    Sound Card
    Realtek
    Screen Resolution
    1920 x 1080
RJARRRPCGP said:
At least when I made a big whoops back in 1995 or 1994, most likely, (maybe 1996? Even when I have a doubt about that!) when I ended up deleting a file that turned out to be for Novell Netware on a Windows 3.1 computer, IIRC, back when I still hardly knew about computers, nothing got taken out anything campus-wide. Just that the PC for the group home I was in, couldn't log in! I suddenly saw an error message about a Netware file being missing, when in Windows 3.1, IIRC.
I learned and made sure to never make a whoops like that again!
Click to expand...
Oh jeez, I remember zenworks from novell. Used that at a school district at my last job before they switched over to AD. It was terrible.

ian50 said:
@andrew129260

This was the fix:

del /f /q "C:\Windows\System32\drivers\CrowdStrike\C-00000291*.sys"

After doing that everything was back to normal.

Yes, easy to understand, EXCEPT:

if, as you surely point out, these CrowdStrike updates are silently automated, then having deleted the little beggar and rebooting, you must be in exactly the same situation because naughty sys file will auto load again. That is, a corrupted update is again causing continuous Blue Screening. Unless, either CrowdStrike has replaced the corrupt sys file so the replacement is now auto loaded and hunky dory eats ice cream; or after deleting the delinquent but before reboot you disconnect from the internet, following which you have an uncorrupted PC working flawlessly but unable to perform normal net contact.
Click to expand...
Yeah the update was patched on their end that updated the definitions & driver. You just had to do the fix and then once they booted up and got the newest update all was well. Took only a few minutes of being logged in for the new update to apply and fix it.
 

My Computers

System One System Two

  • OS
    Windows 11 Pro
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom Built
    CPU
    Ryzen 7 5700 X3D
    Motherboard
    MSI MPG B550 GAMING PLUS
    Memory
    64 GB DDR4 3600mhz Gskill Ripjaws V
    Graphics Card(s)
    RTX 4070 Super , 12GB VRAM Asus EVO Overclock
    Monitor(s) Displays
    Gigabyte M27Q (rev. 2.0) 2560 x 1440 @ 170hz HDR
    Hard Drives
    2TB Samsung nvme ssd
    2TB XPG nvme ssd
    PSU
    CORSAIR RMx SHIFT Series™ RM750x 80 PLUS Gold Fully Modular ATX Power Supply
    Case
    CORSAIR 3500X ARGB Mid-Tower ATX PC Case – Black
    Cooling
    ID-COOLING FROSTFLOW X 240 CPU Water Cooler
    Internet Speed
    900mbps DOWN, 100mbps UP
  • Operating System
    Chrome OS
    Computer type
    Laptop
    Manufacturer/Model
    HP Chromebook
    CPU
    Intel Pentium Quad Core
    Memory
    4GB LPDDR4
    Monitor(s) Displays
    14 Inch HD SVA anti glare micro edge display
    Hard Drives
    64 GB emmc
andrew129260 said:
Oh jeez, I remember zenworks from novell. Used that at a school district at my last job before they switched over to AD. It was terrible.


Yeah the update was patched on their end that updated the definitions & driver. You just had to do the fix and then once they booted up and got the newest update all was well. Took only a few minutes of being logged in for the new update to apply and fix it.
Click to expand...
I went from being a big-time computer dummy to actually knowing how to fix an OS in 1997. I ran DOS like a boss in 1997, 1998 and 1999!
Same with Windows! Even when I thought Windows 95 was a bit tricky at first.

I suddenly was trying hard to become a system software fixer, and it paid off!

My "late-bloomer-syndrome" made me behind in 1994, 1995 and 1996.
 

My Computers

System One System Two

  • OS
    Windows 11 Pro x64 23H2
    Computer type
    PC/Desktop
    CPU
    Ryzen 9 5900X
    Motherboard
    ASRock B550 PG Velocita (UEFI-BIOS P3.40)
    Memory
    32 GB G.Skill F4-3200C16D-32GVR
    Graphics Card(s)
    Sparkle Titan Arc A770 16 GB
    Monitor(s) Displays
    Alienware AW3423DWF OLED ultrawide
    Hard Drives
    Western Digital Black SN850 1 TB NVMe SSD
    PSU
    eVGA Supernova 750 G3
    Case
    Corsair 275R
    Internet Speed
    VTel FTTH 1 Gb down and 1 Gb up
  • Computer type
    PC/Desktop
    CPU
    Ryzen 7 5800X3D
    Motherboard
    Asus ROG Strix B550-F Gaming (UEFI-BIOS version 3607)
    Memory
    32 GB (2x16 GB G.Skill TridentZ Neo)
    Graphics card(s)
    Sapphire Nitro+ Radeon RX 6750 XT
    Hard Drives
    Samsung 970 Pro 512 GB NVMe SSD
    PSU
    eVGA Supernova 650 GQ
    Case
    Fractal Focus G

My Computers

System One System Two

  • OS
    Windows 10 Home x64
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom
    CPU
    INTEL Core i5-11400
    Motherboard
    ASUS PRIME H570-PLUS
    Memory
    KINGSTON HyperX Fury Black DDR4 16GB (2 x 8GB) 3200MHz, CL16
    Graphics Card(s)
    EVGA GeForce GTX 750 Superclocked 1GB 128-Bit GDDR5
    Monitor(s) Displays
    LG 32MA68HY 32" IPS
    Screen Resolution
    1920 x 1080
    Hard Drives
    SAMSUNG 250GB 970 EVO Plus NVMe, M.2 SSD, Crucial 250GB MX500, SEAGATE 500GB Barracuda® 7200.12, SATA 3 Gb/s, 7200 RPM, 16MB cache
    PSU
    CORSAIR RM550x 80 PLUS Gold 550W
    Case
    ANTEC P10 FLUX
    Cooling
    be quiet! Pure Rock 2, 5 x 120 mm Case Fans
    Internet Speed
    480 + Mbps Up/ 12+ Mbps Down
    Browser
    Vivaldi Snapshot
    Antivirus
    Avast
  • Operating System
    Windows 10 Home x64
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom
    CPU
    Intel Core i5-750
    Motherboard
    ASUS P7P55D
    Memory
    Kingston HyperX Fury Black 8GB (2x4GB) DDR3-1600MHz CL8
    Graphics card(s)
    MSI GeForce GT 240 N240GT-MD1G/D5 1 GB DDR5
    Monitor(s) Displays
    LG 32MA68HY 32" IPS
    Screen Resolution
    1980x1040
    Hard Drives
    Samsung Electronics 840 EVO 120GB, SEAGATE 500GB Barracuda® 7200.12, SATA 3 Gb/s, 7200 RPM, 16MB cache
    PSU
    Antec TruePower New TP-550 550W
    Case
    Antec 300
    Cooling
    Cooler Master Hyper 212+, 4 Noctua NF-P12 120mm, 1 Noctua NF-P14 FLX
    Internet Speed
    480+ Mbps Down/12+Mbps Up
    Browser
    Vivaldi Snapshot
    Antivirus
    Avast
Well if this is what happens when it's "just a simple software error" then imagine what a real concerted attack could do.

All this outsourcing etc exacerbates this problem to the nth degree. Maybe businesses should not always be striving to get the cheapest possible cost solutions but be slightly more responsible towards their customers etc. What happens if you are trying to check out of a hotel room in a foreign country where the banking / credit card system has failed or you can't get even small amounts of cash from machines. (Amex is OK though --their system was still working -- probably worth the yearly fee for a decent credit card as I've never known it in years to go down).

As for Windows itself -- shouldn't corporations / work places keep backup images so if Windows doesn't boot properly the last working copy gets automatically restored. Perhaps time also for big corporations to switch to Unix / Linux servers and for their Windows clients serve them as Windows VM's where the main internet connections is via the UNIX / LINUX gateway / proxy so the security could be based on the Unix type system which is far more robust than Windows.

Cheers
jimbo
 

My Computer

System One

  • OS
    Windows XP,7,10,11 Linux Arch Linux
    Computer type
    PC/Desktop
    CPU
    2 X Intel i7

My Computers

System One System Two

  • OS
    Windows 11 Pro
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom Built
    CPU
    Ryzen 7 5700 X3D
    Motherboard
    MSI MPG B550 GAMING PLUS
    Memory
    64 GB DDR4 3600mhz Gskill Ripjaws V
    Graphics Card(s)
    RTX 4070 Super , 12GB VRAM Asus EVO Overclock
    Monitor(s) Displays
    Gigabyte M27Q (rev. 2.0) 2560 x 1440 @ 170hz HDR
    Hard Drives
    2TB Samsung nvme ssd
    2TB XPG nvme ssd
    PSU
    CORSAIR RMx SHIFT Series™ RM750x 80 PLUS Gold Fully Modular ATX Power Supply
    Case
    CORSAIR 3500X ARGB Mid-Tower ATX PC Case – Black
    Cooling
    ID-COOLING FROSTFLOW X 240 CPU Water Cooler
    Internet Speed
    900mbps DOWN, 100mbps UP
  • Operating System
    Chrome OS
    Computer type
    Laptop
    Manufacturer/Model
    HP Chromebook
    CPU
    Intel Pentium Quad Core
    Memory
    4GB LPDDR4
    Monitor(s) Displays
    14 Inch HD SVA anti glare micro edge display
    Hard Drives
    64 GB emmc
jimbo45 said:
As for Windows itself -- shouldn't corporations / work places keep backup images so if Windows doesn't boot properly the last working copy gets automatically restored
Click to expand...

Windows was booting up correctly. The bsod was happening a little bit after the logon screen appeared.. So automated systems that looks for this including windows itself could not fix the issue because technically it booted windows just fine.

This was a low level driver because it was an antivirus. So it unfortunately has more capabilities of bringing the system down vs just a regular app or driver.

These low level types of drivers need full admin rights to install and must be digitally signed as well.
 

My Computers

System One System Two

  • OS
    Windows 11 Pro
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom Built
    CPU
    Ryzen 7 5700 X3D
    Motherboard
    MSI MPG B550 GAMING PLUS
    Memory
    64 GB DDR4 3600mhz Gskill Ripjaws V
    Graphics Card(s)
    RTX 4070 Super , 12GB VRAM Asus EVO Overclock
    Monitor(s) Displays
    Gigabyte M27Q (rev. 2.0) 2560 x 1440 @ 170hz HDR
    Hard Drives
    2TB Samsung nvme ssd
    2TB XPG nvme ssd
    PSU
    CORSAIR RMx SHIFT Series™ RM750x 80 PLUS Gold Fully Modular ATX Power Supply
    Case
    CORSAIR 3500X ARGB Mid-Tower ATX PC Case – Black
    Cooling
    ID-COOLING FROSTFLOW X 240 CPU Water Cooler
    Internet Speed
    900mbps DOWN, 100mbps UP
  • Operating System
    Chrome OS
    Computer type
    Laptop
    Manufacturer/Model
    HP Chromebook
    CPU
    Intel Pentium Quad Core
    Memory
    4GB LPDDR4
    Monitor(s) Displays
    14 Inch HD SVA anti glare micro edge display
    Hard Drives
    64 GB emmc
andrew129260 said:
Windows was booting up correctly. The bsod was happening a little bit after the logon screen appeared.. So automated systems that looks for this including windows itself could not fix the issue because technically it booted windows just fine.

This was a low level driver because it was an antivirus. So it unfortunately has more capabilities of bringing the system down vs just a regular app or driver.

These low level types of drivers need full admin rights to install and must be digitally signed as well.
Click to expand...

It still seems a bit of a risky method judging by the numbers of machines effected. Surely there has to be a better way of managing these updates --- perhaps - certainly on Unix type systems one could "replay the system logs" which would contain details of client machine logons (windows or otherwise) and start roll back jobs for the machines that crashed. Easy enough to record IP of each client, ping it and if it fails then initiate recovery. You can use all sorts of Linux / Unix utilities to recover Windows images - too e.g dd, rsync etc. You don't have to be an I.T genius to work something simple out such as this.

I still though don't understand a) why this stuff was rolled out on a Friday morning, b) there weren't immediate backup servers available, and c) robust testing obviously wasn't done

Once the windows update had been loaded on to the client machines then obviously you are in BIG trouble since a lot of these machines could only be fixed manually --- and many companies have outsourced entire I.T depts so getting individuals available to fix the machines will take far longer than if the technicians were in house. Definitely new procedures need to be designed and implemented.

Cheers
jimbo
 

My Computer

System One

  • OS
    Windows XP,7,10,11 Linux Arch Linux
    Computer type
    PC/Desktop
    CPU
    2 X Intel i7

My Computers

System One System Two

  • OS
    Windows 11 Pro
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom Built
    CPU
    Ryzen 7 5700 X3D
    Motherboard
    MSI MPG B550 GAMING PLUS
    Memory
    64 GB DDR4 3600mhz Gskill Ripjaws V
    Graphics Card(s)
    RTX 4070 Super , 12GB VRAM Asus EVO Overclock
    Monitor(s) Displays
    Gigabyte M27Q (rev. 2.0) 2560 x 1440 @ 170hz HDR
    Hard Drives
    2TB Samsung nvme ssd
    2TB XPG nvme ssd
    PSU
    CORSAIR RMx SHIFT Series™ RM750x 80 PLUS Gold Fully Modular ATX Power Supply
    Case
    CORSAIR 3500X ARGB Mid-Tower ATX PC Case – Black
    Cooling
    ID-COOLING FROSTFLOW X 240 CPU Water Cooler
    Internet Speed
    900mbps DOWN, 100mbps UP
  • Operating System
    Chrome OS
    Computer type
    Laptop
    Manufacturer/Model
    HP Chromebook
    CPU
    Intel Pentium Quad Core
    Memory
    4GB LPDDR4
    Monitor(s) Displays
    14 Inch HD SVA anti glare micro edge display
    Hard Drives
    64 GB emmc
You must log in or register to reply here.

Similar threads

  • Article Article
Known and Resolved issues for Windows 11 version 22H2
4 5 6
Replies
116
Views
50K
siliconbeaver
S

Latest Support Threads

Latest Tutorials

Back
Top Bottom