CrowdStrike issues a fix to Falcon sensor update bug after global ...
CrowdStrike has deployed a new content update that resolves the previously erroneous update and subsequent host issues impacting major global organisations and banks.
According to Cyber Solutions by Thales, Tesserent, as devices receive this update, they may need to reboot for the changes to take effect and for the blue screen (BSOD) issues to be resolved.
Tesserent noted, if hosts are still crashing and unable to stay online to receive the Channel File Changes, the following steps can be used to work around this issue:
1. Boot Windows into Safe Mode or the Windows Recovery Environment
2. Navigate to the C:\Windows\System32\drivers\CrowdStrike directory
3. Locate the file matching “C-00000291*.sys” and delete it.
4. Boot the host normally.
Tesserent originally issued an alert about a global outage impacting Microsoft Windows devices on 19 July, a few hours after global outages were reported.
According to Tesserent, devices equipped with CrowdStrike, were experiencing a critical “blue screen” (BSOD) error and are repeatedly attempting to reboot.
CrowdStrike has confirmed this issue as a Falcon sensor issue. Although limited information is available, the cyber security firm is urgently investigating.
The Tesserent Security Operations Centre will continue to monitor the situation and provide managed services clients with updates, including resolution plans, once they become available.
The outage hit Australian organisations on 19 July and every major company, from Foxtel to MyGov, the big four banks and supermarkets had been affected. Airlines were also experiencing issues, forcing planes to remain grounded.
According to ABC News, the national broadcaster “was experiencing a major network outage, along with several other media outlets”.
“Crowd-sourced website Downdetector is listing outages for Foxtel, National Australia Bank and Bendigo Bank,” stated ABC News.
Across the Tasman the NZ Herald reported Kiwi’s were experiencing issues with banking and transport services, including delayed flights as well.
While retail and supermarket checkout systems have gone down, some NZ-based Countdown stores closed entirely.
Australian authorities have gathered for an emergency meeting with the National Cyber Security Coordinator putting out a statement on X, saying it was aware of a large-scale technical outage affecting a number of companies and services across Australia this afternoon.
“Our current information is this outage relates to a technical issue with a third-party software platform employed by affected companies.”
