TechRadar
Windows 'blue screen of death' crisis: what we know so far
By Matt Hanson,
6 hours ago
Businesses across the globe are being affected by a major IT outage that's causing Windows machines to encounter the dreaded 'blue screen of death' (BSOD), with knock-on effects hitting airlines, banks, and online services, and even taking TV channels off the air.
The outage has apparently been caused by a faulty security update rolled out by cybersecurity company CrowdStrike. Businesses in Australia and Asia were the first to encounter problems as computers running Windows went offline, with major issues subsequently being reported across Europe and the US.
Microsoft issued a statement saying: "We are aware of an issue affecting Windows devices due to an update from a third-party software platform. We anticipate a resolution is forthcoming." CrowdStrike posted on its customer support website that "We have widespread reports of BSODs on Windows hosts, occurring on multiple sensor versions." It also said the outage was not the result of a cyberattack.
Millions of companies around the world rely on Windows PCs, and in the early hours of July 19, widespread reports started coming in that many of these PCs were encountering 'blue screen of death' (BSOD) errors, taking services and systems offline.
Anyone who's used a Windows PC over the past 40 years will know that a BSOD error can be pretty nasty – it essentially forces the computer to stop what it's doing, and the only thing you can do is reboot the PC and hope the problem doesn't occur again. If it does, then the PC is in pretty bad shape, and you'll need to do some troubleshooting to try to fix the BSOD error.
This can be extremely frustrating for individuals who find their Windows 11 PC or laptop can no longer run, but when the PCs used by hospitals, airlines, and banks start getting affected, things can get really bad, and unfortunately, that seems to be the case here.
Who is affected?
So, who is affected by this BSOD outage? So far it looks like hundreds of major businesses and organizations around the globe are having issues – and that means thousands, if not millions, of customers, hospital patients, travelers, and anyone relying on these services will be affected. There have been reports of hundreds of flights being delayed or cancelled, and hospital appointments being cancelled.
In the UK, Sky News went off the air for a time, and airline Ryanair has posted that “We’re currently experiencing disruption across the network due to a Global 3rd party IT outage, which is entirely out of our control. Booking and check-in are currently unavailable.” Ryanair recommends that people who are due to travel today check in at the airport, rather than trying to do so online.
So far, it doesn't seem like personal Windows 11 PCs are being affected – I'm writing this news story on one, and so far it seems fine. These are the companies and institutions that have confirmed they are affected so far:
Microsoft
Microsoft 365
BetMGM
Amazon
Visa
Sainsbury's
Tesco
RyanAir
Waitrose (UK)
Morrisons (UK)
Wetherspoons (UK)
Waterstones (UK)
Sky News UK (back on air)
BT
Ladbrokes
Santander
Nationwide
Royal Mail
Southern Rail (UK)
Swiss International Air Lines
National Pharmacy Association (UK)
Schleswig-Holstein university hospital (Germany)
Berlin BER airport
KLM
Delta (US)
United (US)
American Airlines (US)
Aemet (Spain)
IndiGo (India)
NHS (UK)
Why has this happened?
We're still not entirely sure what has caused this outage, but it appears to be affecting Windows devices used by businesses. Early reports suggest that cyber security firm CrowdStrike may be to blame, having pushed out a security update for its product that features a bug.
George Kurtz, CEO of CrowdStrike (I don't envy his job today), has released a statement on X.
In the statement, Kurtz says that a defect has been found "in a single content update for Windows hosts," and that Mac and Linux devices are not impacted.
He goes on to say that "this is not a security incident or cyberattack."
It could take a while to sort this mess out, but CrowdStrike has said it has identified a "content deployment related to this issue and reverted those changes." This supports the theory that it was caused by a bug in an update – and we're pretty sure there is going to be a lot of pressure on CrowdStrike employees to come up with a fix, as well as IT admins for businesses across the globe.
Meanwhile, Microsoft has confirmed with Tom Warren of the Verge that it is aware of the issue and that it expects a fix soon.
So, we don't have a clear idea of how long this will last, but CrowdStrike has issued workaround steps for anybody experiencing this problem:
1. Boot Windows into Safe Mode or the Windows Recovery Environment
2. Navigate to the C:\Windows\System32\drivers\CrowdStrike directory
3. Locate the file matching “C-00000291*.sys”, and delete it
4. Boot the host normally
So there's good news in that the companies at the source of this problem, Microsoft and CrowdStrike, appear to have an idea of what the issue is and are working on a fix.
However, that fix could still take a while to implement – and it will then need to be rolled out to potentially millions of PCs around the world. This could be particularly difficult to do if the PCs are stuck on a BSOD loop, which essentially means that a PC encounters a BSOD, but when it is restarted, the blue screen of death reappears instantly.
The workaround involves booting into Safe Mode and manually finding a file and deleting it. For one PC, that might not be too much of an issue, but for organizations with hundreds of PCs, it's going to be a nightmare.
1. Boot your Windows PC into Safe Mode or Windows Recovery Environment.
2. Go to Windows Registry.
3. Edit the following key to stop csagent.sys from loading: change HKLM:\SYSTEM\CurrentControlSet\Services\CSAgent\Start from a 1 to a 4.
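The two workarounds quoted in this article (deleting the file matching C-00000291*.sys, and the CSAgent registry change), scripted for an elevated PowerShell session in Safe Mode so each host leaves an audit record of what was changed. This is an added example, not code from CrowdStrike, Microsoft or TechRadar; the function name, its parameters and the dry-run flow are assumptions, while the directory, file pattern and registry key are the ones the article gives.

```powershell
# Added example: function and parameter names are illustrative. The path,
# file pattern and registry key are the values quoted in the article.
function Invoke-CrowdStrikeWorkaround {
    [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'High')]
    param(
        # Assumption: run from inside the affected Windows install (Safe Mode),
        # so %SystemRoot% resolves to the article's C:\Windows.
        [string]$DriverDir = (Join-Path $env:SystemRoot 'System32\drivers\CrowdStrike'),
        [string]$Pattern   = 'C-00000291*.sys',
        # Opt-in second workaround: stop csagent.sys from loading at boot.
        [switch]$DisableAgentService
    )

    # Match only the file named in the workaround, never the whole directory.
    $targets = @()
    if (Test-Path -LiteralPath $DriverDir -PathType Container) {
        $targets = @(Get-ChildItem -LiteralPath $DriverDir -Filter $Pattern -File -Force)
    }
    if ($targets.Count -eq 0) {
        Write-Warning "No file matching $Pattern under $DriverDir."
    }

    foreach ($file in $targets) {
        # Emit a record per file so the change can be audited afterwards.
        $record = [pscustomobject]@{
            Path         = $file.FullName
            Length       = $file.Length
            LastWriteUtc = $file.LastWriteTimeUtc
            Removed      = $false
        }
        if ($PSCmdlet.ShouldProcess($file.FullName, 'Delete file named in workaround')) {
            Remove-Item -LiteralPath $file.FullName -Force -ErrorAction Stop
            $record.Removed = $true
        }
        $record
    }

    if ($DisableAgentService) {
        # Start = 4 marks the service as disabled; the article gives 1 as the prior value.
        $key = 'HKLM:\SYSTEM\CurrentControlSet\Services\CSAgent'
        if ((Test-Path $key) -and $PSCmdlet.ShouldProcess($key, 'Set Start = 4')) {
            Set-ItemProperty -Path $key -Name 'Start' -Value 4 -Type DWord
        }
    }
}

# Dry run: lists what would be deleted. Remove -WhatIf to apply (prompts per item).
Invoke-CrowdStrikeWorkaround -WhatIf
```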
George Kurtz, CEO of CrowdStrike, has made a statement on X, where he says that "the issue has been identified, isolated and a fix has been deployed. We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website."
Those hoping that this will prove to be a quick fix may be disappointed, though. Tom Kidwell, Co-founder, Ecliptic Dynamics and former British Army and UK Government intelligence specialist, got in touch to say that "The outage impacting Windows devices this morning appears to have been caused by a driver update by CrowdStrike, bricking older Windows devices and servers, which will be worst hit. Unfortunately for CrowdStrike, if that is the case, it could be nauseating to fix. Due to the nature of the update, an individual from every organization will need to boot into safe mode, remove the issue file/driver, and then either roll back or update to a new version, something CrowdStrike will need to release very quickly."