Comment, Expert Guide, NewsWhat you should do if you are affected: Worldwide IT system failures due to CrowdStrike update - with consequences for IT and the economy

André Wild — 22. July 2024

Ein fehlerhaftes Update des Sicherheitsunternehmens CrowdStrike hat gestern weltweit zahlreiche Windows-Systeme lahmgelegt.

A failed update released by security company CrowdStrike paralysed numerous Windows systems worldwide.

A failed update from security firm CrowdStrike caused numerous Windows systems worldwide to shut down. The Falcon Sensor update resulted in many computers no longer being able to boot successfully. After installing the update and restarting the systems, a blue screen appeared on the affected devices.

What you should do now if you are affected by the CrowdStrike crash

As reported by golem.de, there is already a first workaround. As of today, 22 July 2024: CrowdStrike has published a statement with instructions on how to proceed and is keeping it up to date. Our partner cohesity has also published workarounds.

 

This is to delete the files C:\Windows\System32\drivers\CrowdStrike\C-00000291*.sys. The system can then be restarted as usual. These files contain kernel modules or device drivers for Falcon. After a successful restart, it is essential to check that Falcon is working properly.

 

A disaster recovery planand a cleanroom can prevent such failures and increase the company's cyber resilience: The former enables a well-defined procedure in the event of an incident. The latter ensures that a rollback via a backup functions smoothly.

André Wild

Do you have questions about the workaround or about disaster recovery and the cleanroom?

André Wild, Consultant
Phone +4917254114229

You were interested in this, then you may also be interested in...