Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Tom’s Guide
Tom’s Guide
Technology
Jason England

Windows Blue Screen of Death hits millions in Microsoft and CrowdStrike outage — what you need to know

Windows Blue Screen of Death.

This has not been a good day for literally any Windows PC on Earth. Businesses have been affected by a glitchy CrowdStrike security update, which is causing Windows computers to be hit by the Blue Screen of Death.

Normally, this was just isolated to an individual user’s frustrations, which are fixed by entering System Recovery. But the scope of this is so massive, that it’s impacting airlines, banks, TV channels, and even emergency services. You can follow along with the latest on this outage on our live blog.

What I want to do is take you through everything we know — what has happened so far, who has been hit, why has it happened, and what the potential fix is.

A short timeline of events

  • At around 12:15am ET on Friday morning, mass outages were being reported on Down Detector — citing a Blue Screen of Death across a whole lot of IT systems. Australia’s home affairs minister said the outage seemed to be related to a Crowdstrike issue.
  • Following this, several companies, including airports, banks and media companies went down. Updates were posted on social media, pointing towards issues with Microsoft and Crowdstrike services.
  • At 10:45am ET, Crowdstrike’s CEO posted a statement saying a “defect” was found in “a single content update to Windows hosts,” and that a “fix has been deployed.” Not much is known about the progress of said fix, as millions are still being hit hard by this.

Who is impacted?

This mass IT outage has hit a lot of companies across the globe. We’ve got a list of businesses and public services that you can check to see if they’ve been impacted.

Fortunately, it’s not *every* type of computer, as Mac and Linux users are not affected by this issue

How did it happen?

Specific details of what caused this are a little thin on the ground, but it seems to be a one-two punch of CrowdStrike and Microsoft. Based on early reports, the former seems to have been down to a security update, which packed a bug that knocked out systems.

Separately, Microsoft services also went down due to “Azure backend workloads,” which caused “connectivity failures.”

Is there a fix?

Sort of. From a global perspective, this is going to take a while. CrowdStrike CEO George Kurtz has issued a statement about it saying it is “not a cyberattack, and that the team is “fully mobilized to ensure the security and stability” of its customers.

However, as The Verge’s Tom Warren correctly points out here, the fix CrowdStrike is deploying requires machines to be online, which is… let’s say unlikely given what has happened.

On top of that, there’s concerns that this issue will require a “human visit to every machine,” to reboot every machine with a USB stick. So be extra nice to your IT admins today — they’ve got a mountain ahead of them!

However, there are three different workarounds — one published by CrowdStrike itself and two from Neowin that may work. If you’re experiencing this yourself, follow the steps below.

Method 1

  • Startup your Windows PC in Safe Mode
  • Head over to C:\Windows\System32\drivers\CrowdStrike in the File explorer
  • Search for a file called "C-00000291*.sys" and delete it
  • Restart the PC in regular mode

Method 2

  • Open Command Prompt from Recovery options
  • Head over to C:\Windows\System32\Drivers
  • Change the name of CrowdStrike to Crowdstrike_Old
  • Restart the PC

Method 3

  • Startup your Windows PC in Safe Mode
  • Open Windows Registry
  • To disable the csagent.sys from loading that seems to be causing the impact, you need to edit the following key “HKLM:\SYSTEM\CurrentControlSet\Services\CSAgent\Start” from a 1 to a 4
  • Restart the PC

Let us know in the comments if any of these options don’t work!

More from Tom's Guide

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.