Millions of Windows machines are experiencing a Blue Screen of Death (BSOD) issue at boot today (July 19th, 2024), affecting banks, airlines, TV broadcasters, supermarkets, and numerous other businesses worldwide. It is stated to have started initially in the Central US on Thursday. A faulty update from cybersecurity provider CrowdStrike is causing affected PCs and servers to go offline, resulting in a recovery boot loop that prevents machines from starting properly. CrowdStrike is widely used by many businesses globally to manage the security of Windows PCs and servers.

The issue was first reported by Australian banks, airlines, and TV broadcasters as thousands of machines began to fail. The problems are now spreading as businesses in Europe begin their workday. UK broadcaster Sky News was unable to air its morning news bulletins for several hours and displayed a message apologizing for the interruption. Ryanair, one of Europe’s largest airlines, also reports experiencing a “third-party” IT issue impacting flight departures.

Affected machines are stuck in a recovery blue screen at boot. The Federal Aviation Administration (FAA) is assisting airlines like Delta, United, and American Airlines with communication issues. “The FAA is closely monitoring a technical issue impacting IT systems at US airlines,” says FAA spokesperson Jeannie Shiffer in a statement to The Verge. “Several airlines have requested FAA assistance with ground stops for their fleets until the issue is resolved.”

Berlin airport is warning of travel delays due to “technical issues,” many 911 emergency call centers in Alaska have also been affected. An airline in India has even resorted to using handwritten boarding passes due to the outages.

“CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts,” says CrowdStrike CEO George Kurtz in a post on X. “Mac and Linux hosts are not impacted. This is not a security incident or cyberattack.”

CrowdStrike states that the issue has been identified, and a fix has been deployed, but fixing the affected machines will be challenging for IT admins. The root cause is an update to the kernel-level driver that CrowdStrike uses to secure Windows machines. Although CrowdStrike identified the issue and reverted the faulty update after widespread reports of BSODs on Windows hosts, this does not assist machines that have already been affected.

In a Reddit thread, hundreds of IT admins are reporting widespread issues. The workaround involves booting affected Windows machines into safe mode, navigating to the CrowdStrike directory, and deleting a system file. This will be problematic for some cloud-based servers and Windows laptops that are deployed and used remotely.

“Our entire company is offline,” says one Reddit poster, while another reports that 70 percent of their laptops are down and stuck in a boot loop. “Happy Friday,” comments another. It appears to be a long day ahead for IT admins worldwide.

Sky News is unable to broadcast its news bulletins. In a separate outage, Microsoft is also recovering from issues with its Microsoft 365 apps and services. The root cause of those issues was a configuration change in a portion of Azure backend workloads.

According to a TechRadar article, Microsoft’s own Service Status page states that everything is running normally right now, which clearly isn’t the case.

“We’re all good! Everything is up and running.”

Workaround Steps:

“1. Boot Windows into Safe Mode or the Windows Recovery Environment

*2. Navigate to the C: \Windows\System32\drivers\CrowdStrike directory

“3. Locate the file matching

“C-00000291*.sys”, and delete it.

“4. Boot the host normally.”

---

Hope you were informed and provided with the useful tips for troubleshooting during this global Microsoft Outage.