Global IT outage: What caused the CrowdStrike incident affecting banks, airlines and media outlets?

A software outage on Friday crippled airlines, TV stations and supermarkets, leaving flights grounded and newsreaders scrambling to fill air time.

The outage appears to be global, affecting millions of systems, and seems to be related to US cybersecurity provider CrowdStrike and its software, the Falcon Sensor.

What is CrowdStrike Falcon?

CrowdStrike is one of the world’s largest cybersecurity vendors, providing thousands of businesses across the world with software to defend against viruses and cyberattacks. CrowdStrike Falcon is the company’s software that sits in the background on many corporate systems, detecting any viruses and cyber threats.

How did the outage happen?

The outage caused Microsoft laptops and PCs to show a “blue screen of death”, meaning workers and users were unable to access their systems. The outage seemed to begin at around midday on Friday AEST, and affected users in the US before hitting others.

“We’re aware of a widespread issue causing BSOD errors on Windows machines across various sensor versions,” a CrowdStrike representative said in a forum post.

Why was Microsoft affected so much?

While Microsoft was not the source of the outage, CrowdStrike’s Falcon software is used primarily on Microsoft Windows systems, rather than Apple Macs, for example. Microsoft said in a statement on X that it was investigating the incident.

Will my home computer be affected?

No, CrowdStrike’s Falcon software is used primarily on large business and enterprise systems, rather than home Windows PCs. Your computer shouldn’t be impacted by the issue.

Is there a fix?

CrowdStrike has issued advice about a temporary workaround.

Here’s what the tech company says you should do:

  1. Boot Windows into Safe Mode or the Windows Recovery Environment (you can do that by holding down the F8 key before the Windows logo flashes on screen)
  2. Navigate to the C:\Windows\System32\drivers\Crowdstrike directory
  3. Locate the file matching “C-00000291*.sys”, right-click it and rename it to “C-00000291*.renamed”
  4. Boot the host normally.
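
Steps 2 and 3 can also be done from a command prompt. The PowerShell function below is an added example, not CrowdStrike's or this article's own code. It assumes an elevated PowerShell prompt is available after booting into Safe Mode, and the function name `Rename-Falcon291File` is hypothetical.

```powershell
# Added example: performs steps 2 and 3 of the workaround from PowerShell.
# Assumption: elevated PowerShell prompt in Safe Mode, default path from step 2.
function Rename-Falcon291File {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        # Directory named in step 2; override if Windows lives on another drive.
        [string]$Directory = 'C:\Windows\System32\drivers\Crowdstrike'
    )

    if (-not (Test-Path -LiteralPath $Directory -PathType Container)) {
        Write-Warning "Directory not found: $Directory"
        return
    }

    # Step 3's pattern. -Filter can over-match on extensions, so the
    # extension is checked again explicitly.
    $targets = @(Get-ChildItem -LiteralPath $Directory -Filter 'C-00000291*.sys' -File |
        Where-Object { $_.Extension -eq '.sys' })
    if ($targets.Count -eq 0) {
        Write-Warning "No file matching C-00000291*.sys in $Directory"
        return
    }

    foreach ($file in $targets) {
        # Keep the whole base name and swap only the extension:
        # C-00000291<anything>.sys -> C-00000291<anything>.renamed
        $newName = [System.IO.Path]::ChangeExtension($file.Name, '.renamed')
        if (Test-Path -LiteralPath (Join-Path $Directory $newName)) {
            Write-Warning "Skipping $($file.Name): $newName already exists"
            continue
        }
        $applied = $false
        if ($PSCmdlet.ShouldProcess($file.FullName, "Rename to $newName")) {
            Rename-Item -LiteralPath $file.FullName -NewName $newName
            $applied = $true
        }
        # One record per file, so the result can be logged or reviewed.
        [pscustomobject]@{ Original = $file.Name; NewName = $newName; Applied = $applied }
    }
}

# Dry run: lists what would be renamed without touching anything.
Rename-Falcon291File -WhatIf
# Real run, once the dry-run output looks right:
# Rename-Falcon291File
```

After the real run, continue with step 4 and boot the host normally.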