CrowdStrike Says Global IT Outage Impacting Windows PCs, But Mac and Linux Hosts Not Affected

[MacRumors]

A widespread system failure is currently affecting numerous Windows devices globally, causing critical boot failures across various industries, including banks, rail networks, airlines, retailers, broadcasters, healthcare, and many more sectors. The issue, manifesting as a Blue Screen of Death (BSOD), is preventing computers from starting up properly and forcing them into continuous recovery cycles.

The cause of the failure has been identified as an update to CrowdStrike Falcon antivirus software installed on Windows 10 PCs, but Mac and Linux machines running the same cybersecurity software have been spared. CrowdStrike, which specializes in endpoint security protection for corporate networks, has just released the following statement:

"CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts.

"Mac and Linux hosts are not impacted. This is not a security incident or cyberattack.

"The issue has been identified, isolated and a fix has been deployed.

"We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website.

"We further recommend organisations ensure they're communicating with CrowdStrike representatives through official channels.

"Our team is fully mobilized to ensure the security and stability of CrowdStrike customers."

Unfortunately, the nature of the problem means that fixing it isn't as simple as installing a patch. The workaround to break the infinite boot cycle on affected Windows machines involves manually booting into safe mode, navigating to the CrowdStrike directory, and deleting the system file that caused the problem. As such, it could be a while before all services impacted by the content update are back up and running.

For those who have a Windows machine that has succumbed to the botched update (now rolled back), CrowdStrike has outlined the following steps system admins need to take to get back up and running:

1. Boot Windows into Safe Mode or the Windows Recovery Environment.
2. Navigate to the C:\Windows\System32\drivers\CrowdStrike directory.
3. Locate the file matching 'C-00000291*.sys', and delete it.
4. Boot the host normally.

As expected, Apple's system status webpage shows no issues with its services, however there have been scattered reports of problems with contactless payments across some businesses, which could prevent Apple Pay transactions from being processed.

Article Link: CrowdStrike Says Global IT Outage Impacting Windows PCs, But Mac and Linux Hosts Not Affected

 

[picpicmac]

So this is how it all ends...

 

[Chet-NYC]

I was able to do the daily transaction update my Mac version of Quicken this morning, but not the Windows version.

Apple for the win. Again.

 

[Mrkevinfinnerty]

Troubleshooting steps

1. Shut down your PC
2. Get a mac.

 

[multipasser]

Great time to short stock for crowdstrike

 

[Godspeed8230]

When did the outage start in the US? I assume the update was deployed on Thursday, wasn't it?
Because:

https://www.reddit.com/r/wallstreetbets/comments/1e6ms9z

 

[fatTribble]

As a software engineer who has been through many releases, some better than others, I can imagine the chaos going on behind the scenes. Of course I feel for all those impacted too.

 

[DelayedGratificationGene]

FBI unlocks shooter Android in 40 minutes would take them 40 weeks for an iPhone and now in PC Land…”Houston we have a problem”.

 

[Loismustdie1]

Pour one out for us IT folks. We are NOT okay this morning and for some of us, very sleep deprived.

 

[SamboSoul]

Troubleshooting steps

1. Shut down your PC
2. Get a mac.

Yeah, let me run this past my CFO quickly, he’d be thrilled to replace ~100k Windows computers in our corporate environment

 

[dannyyankou]

Yesterday my PC at work kept freezing and got the blue screen of death. I wonder if it was related. Probably a coincidence though.

 

[krspkbl]

it’s actually insane how much the world relies on Microsoft. some people will take a cheap kick at them (“buy a Mac” “apple for the win”) but Apple stands no chance of ever coming close to Microsoft’s dominance. Entire countries would grind to a halt without them. This is just a taster of what could happen

I know for a fact my work would never switch to Mac. They are using the bare minimum specs to run Windows 10. So yeah we aren’t about to buy Macs for everyone lmao. Also, it would be such a headache. People freak out at the slightest change so switching to a completely different OS sounds like a nightmare. I’m dreading the day when we move to Windows 11 (I actually like W11 and use it as my main OS).

My PC at work was fine today thankfully! Glad it’s the weekend so hopefully no issues on Monday.

 

[God of Biscuits]

MacRumors, your headline makes no sense. The second clause does not negate the first.

 

[Isamilis]

At least, I can go home early today, lol

 

[cyb3rdud3]

If you have a company deployed laptop, and you use something like crowdstrike, then surely they configured it correctly, and thus you wouldn't be able to boot it in safemode and do this yourself

Oopsie

 

[cyb3rdud3]

Yesterday my PC at work kept freezing and got the blue screen of death. I wonder if it was related.

Nah that was just the normal one

 

[cjsuk]

Not sure why people are crapping on Microsoft here. The issue is crowdstrike. They have Linux and Mac versions of Falcon sensor too. They just happened to screw up the windows version today and push it to production past everyone’s security controls.

This could be Apple or Linux tomorrow.

 

[ThailandToo]

FBI unlocks shooter Android in 40 minutes would take them 40 weeks for an iPhone and now in PC Land…”Houston we have a problem”.

Your logic and reality are far off. Any of these devices can be cracked instantly and even wirelessly. Just believe the Apple marketing hype about privacy.

 

[cjsuk]

If you have a company deployed laptop, and you use something like crowdstrike, then surely they configured it correctly, and thus you wouldn't be able to boot it in safemode and do this yourself

Oopsie

This only affected machines that were powered up when they pushed stuff out. They fixed it quickly but this was enough to destroy a ton of servers across the planet.

Have been up since 5AM….

 

[neuropsychguy]

haha yes

Very funny. Airlines and banks are affected. 911 call centers are affected. Air traffic control is affected. Hospitals are affected. Many more companies and systems are affected. It’s not hyperbole to say people might die in part because of this. So yes, hilarious.

Just because it is only affecting Windows, doesn’t mean anyone should celebrate.

/Only a little sorry about being sarcastic. There are issues much bigger than some good natured macOS vs. Windows ribbing. This is one of the times when it's not appropriate. Find humor in something else.

Edit: For example to show how widespread this is: https://www.nbcnews.com/news/us-new...usinesses-broadcasters-crowdstrike-rcna162664

 

[Heindijs]

Shows how little our infrastructure is built to withstand single points of failure. That's not just Crowdstrike, but all of the web too with their endless libraries maintained by a few people.

 

[SRQrws]

I'm surprised no one has blamed Tim Cook for this.

 

[TheOldChevy]

IT being a critical technology for all mega corporations, why don't they own their IT, use solutions that they have a good control of? Greed? Greed will always have a cost one day.

 

[Powerbooky]

The name itself "CrowdStrike" really fits what's happening now.

As a software engineer who has been through many releases, some better than others, I can imagine the chaos going on behind the scenes. Of course I feel for all those impacted too.

Maybe, just maybe this is an eye opener for some companies causing them to rethink their IT choices. Maybe the industry will stop using the bloated Windows OS for everything and wiring it all to the internet.
And maybe, Microsoft will see that it should finally start to focus on good coding instead of rushing everything and bloating software with useless features. Maybe just stop with Windows OS entirely, it's just crap anyway. They should put all the energy into making fast working Office application that DO NOT RELY on cloud servers so much.

Many applications, like all the applications used in airports and transport, can easily run much more reliable on much smaller systems with Linux OS. And if the application needs more... use macOS systems.

IT being a critical technology for all mega corporations, why don't they own their IT, use solutions that they have a good control of? Greed? Greed will always have a cost one day.

"Outsourcing" was and still is a word managers like, because its the easy way to cut costs and it always does in their limited view. Depending on the operation outsourcing can increase costs too but often for different department, and that's why its never mentioned in reports. When television started to automate stuff and outsource some IT stuff later on, it did reduce the amount of employees in the operational department, but quadrupled the amount of IT personnel in other departments. At the time the IT was kind of booming and therefore it wasn't considered bad. But in the long run, costs went up more than they had reduced.
And the worst part of outsourcing... whenever there's a technical issue, the issue isn't resolved immediately. There's long path of communication between services desks/call centers, lengthy meetings of who's reponsible (finger pointing managers), lots of "filtered" messages from/to actual technicians and even stuff getting "lost in translation".
And since time is money, this costs even more money. But since these costs are on different tabs, it isn't visible that much. In fact, it's even considered a good thing... since it is "managed" properly (they think).

 

[@Brett]

Correction on the article it is C-00000291*.sys and not C-0000029*.sys. Macs and others were affected on corporate networks if Windows servers were involved.