https://www.neowin.net/news/botched-security-update-breakes-windows-worldwide-causing-bsod-and-crashes/Multiple companies worldwide are currently forced to suspend their operations due to a faulty cybersecurity update from CrowdStrike. The update is taking down thousands of Windows computers, causing them to boot loop and crash to a blue screen of death with the error message csagent.sys (PAGE_FAULT_IN_NONEPAGED_AREA).
Affected companies include banks, airlines, TV channels, and more, and some of them are forced to halt their jobs almost completely, with most Windows PCs not working due to the Falcon Sensor agent from CrowdStrike, a system that monitors network activity and prevents cyberattacks. One user from Malaysia said on Reddit that 70% of their laptops are not stuck in a boot loop:
Malaysia here, 70% of our laptops are down and stuck in boot, HQ from Japan ordered a company wide shutdown, someone's getting fireblasted for this shit lmao
CrowdStrike has already confirmed the problem and reverted the update. However, the machines that are already affected still cannot operate properly. While IT admins are scratching their heads in attempts to understand what happened and how to resuscitate their computers, a lengthy thread on Reddit suggests deleting a file in the CrowdStrike directory:
Workaround Steps:
Boot Windows into Safe Mode or the Windows Recovery Environment
Navigate to the C:\Windows\System32\drivers\CrowdStrike directory
Locate the file matching “C-00000291*.sys”, and delete it.
Boot the host normally.
While booting into Safe Mode and deleting a single file does not sound too hard on a single machine, servicing hundreds of computers, remote devices, and cloud-based service will be quite a chore for IT admins.
Developing...
If someone has a computer that's getting a BSOD because of an Csagent.exe error, this was caused by a faulty update by security company CrowdStrike. This error has grounded so many flights/trains (the trains were already grounded, but you get the picture) and caused many headaches around the world.
The way to get around it is as follows.
1. Wait until your computer restarts a few times.
2. Troubleshoot it.
3. Choose different startup options.
4. Choose Safe Mode
5. Go to C:\Windows\System32\drivers\CrowdStrike
6. Locate and delete file matching "C-00000291*.sys"
7. Reboot normally.
Yet another website “down for maintenance” due to the CrowdStrike outage
https://www.reuters.com/business/aerospace-defense/american-airlines-issues-ground-stop-due-communication-issue-faa-status-page-2024-07-19/
What I’ve been told, it’s a nationwide stop, effecting all airlines.
Some Microsoft outage apparently, triggered by a flawed update to a Cybersecurity platform CrowdStrike that breaks their software and takes down systems using it.
There’s already a published resolution
https://x.com/anzdarrena/status/1814187916815433802
lol, probably not funny when you’re the passenger
https://x.com/s3pirion/status/1814186228524466614
https://x.com/jterryy07/status/1814197422169510222
Woot is also "down for maintenance."