
Global IT Disruption: Faulty CrowdStrike Update and the Importance of Mitigation in Cybersecurity
A faulty software update from CrowdStrike, a popular cybersecurity firm, has caused a major global IT outage. This has resulted in widespread disruptions, affecting various sectors including airlines, banks, retailers, brokerage houses, media companies, and railway networks. The travel sector seems to be one of the hardest hit.
The issue was linked to a “defect” in a content update for Windows hosts. CrowdStrike’s chief executive, George Kurtz, confirmed that this was not a cyberattack. He added that the firm was rolling out a fix and that Mac and Linux hosts were not affected.
The faulty update affected the Falcon Sensor, CrowdStrike’s cloud-based security service. This led to Windows computers experiencing “blue screen of death” errors.
The file that needs to be mitigated is a driver that becomes corrupt once a system receives security intelligence updates. This could potentially exacerbate the impact of such faulty updates, leading to further system instability.
The mitigation steps are as follows:
- Boot Windows in Safe Mode or Windows Recovery Environment
- Navigate to the C:\Windows\System32\drivers\CrowdStrike directory
- Find the file named “C-00000291*.sys” and delete it
- Restart the computer or server normally
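The steps above in scripted form, as an added example that is not part of the original article and is not CrowdStrike's own tooling: a PowerShell script for an elevated prompt in Safe Mode. The `-SystemDrive` parameter is an assumption added for cases where the Windows volume is not mounted as C:; the directory and file pattern are the ones given in the steps.

```powershell
# Added example: scripted form of the manual mitigation steps.
# Assumption: $SystemDrive is a hypothetical parameter for systems where the
# Windows volume is mounted under a letter other than C:.
[CmdletBinding(SupportsShouldProcess)]
param(
    [string]$SystemDrive = 'C:'
)

$driverDir = Join-Path $SystemDrive 'Windows\System32\drivers\CrowdStrike'
$pattern   = 'C-00000291*.sys'   # file name pattern from the mitigation steps

# Stop early if the directory is missing, rather than reporting a false "clean".
if (-not (Test-Path -LiteralPath $driverDir -PathType Container)) {
    Write-Warning "Directory not found: $driverDir (check the drive letter)"
    return
}

$targets = @(Get-ChildItem -LiteralPath $driverDir -Filter $pattern -File -Force)
if ($targets.Count -eq 0) {
    Write-Output "No files matching $pattern in $driverDir; nothing to do."
    return
}

foreach ($file in $targets) {
    # Record what is being removed before touching it.
    Write-Output ("{0}  {1} bytes  modified {2:u}" -f `
        $file.FullName, $file.Length, $file.LastWriteTimeUtc)
    if ($PSCmdlet.ShouldProcess($file.FullName, 'Delete')) {
        Remove-Item -LiteralPath $file.FullName -Force
    }
}

# Confirm that no matching file is left before restarting normally.
$left = @(Get-ChildItem -LiteralPath $driverDir -Filter $pattern -File -Force)
Write-Output "Remaining matches: $($left.Count)"
```

Running the script with `-WhatIf` lists the matching files without deleting them.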
CrowdStrike is actively working with customers impacted by this defect. The company has identified and isolated the issue, and a fix has been deployed. They recommend that organizations ensure they’re communicating with CrowdStrike representatives through official channels.
This incident underscores the importance of rigorous testing and quality assurance in software updates, particularly those related to cybersecurity. It also highlights the potential risks associated with automated update processes.