Microsoft IT outage linked to cyber security firm CrowdStrike hits airlines, railways, tech companies, banking, NHS and media outlets globally
There has been a significant global IT outage linked to a software update from the cybersecurity firm CrowdStrike. This update caused widespread disruptions, affecting various sectors including airlines, railways, the NHS, and media outlets.
The outage has led to grounded flights, disrupted banking and technology operations, and issues with healthcare services. For instance, airlines like American Airlines and Virgin Australia experienced major operational problems, and many GP surgeries in England were affected. Microsoft is working on mitigation actions, but the issue has caused considerable inconvenience globally.
What is CrowdStrike?
CrowdStrike is a cyber security company. It offers an advanced cybersecurity solution for most computers and laptops around the world. According to ongoing reports, one of CrowdStrike's main products is Falcon, and there has been a major error in this product.
CrowdStrike gives its users a cloud-based endpoint protection solution. The company’s Falcon product detects malicious files on the network. It uses AI technology to detect malicious files and stop viruses. Falcon can provide endpoint security whether the system is online or offline.
Who is affected by the CrowdStrike update?
Cause:
The outage appears to be related to a faulty update from CrowdStrike, a global cybersecurity firm that provides endpoint security for Windows systems.
Computers relying on automatic updates from CrowdStrike are stuck in a recovery boot loop, rendering them unable to start properly.
Microsoft is actively taking mitigation action to address the lingering impact of this incident.
CrowdStrike say fix to IT chaos has been deployed
The president of CrowdStrike, the cyber-security firm at the heart of the meltdown, said a fix has been put in place and the problem has been identified.
George Kurtz posted: “CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted.
“This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed.
“We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website.
“We further recommend organizations ensure they’re communicating with CrowdStrike representatives through official channels.
“Our team is fully mobilized to ensure the security and stability of CrowdStrike customers.”
The good news is that a fix has already been found. The bad news is that as servers are not booting it is likely that a large number of servers around the globe will require manual intervention. CrowdStrike gave the following instructions on how to fix the issue.
- Boot Windows into Safe Mode or the Windows Recovery Environment
- Navigate to the C:\Windows\System32\drivers\CrowdStrike directory
- Locate the file matching C-00000291*.sys and delete it
- Boot the host normally
Microsoft then issued further advice
- We recommend customers that are able to, to restore from a backup from before 19:00 UTC on the 18th of July
- Alternatively, attempt to repair the OS disk offline.
- Attach a disk to VM for offline repair (Encrypted disks may need further instructions)
- Once the disk is attached delete the Windows/System/System32/Drivers/CrowdStrike/C00000291*.sys file
- We can confirm the affected update has been pulled by CrowdStrike. Customers that are continuing to experience issues should reach out to CrowdStrike for additional assistance.
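The manual steps above, scripted as an added example (not CrowdStrike's or Microsoft's own tooling): it runs from Safe Mode or from a repair VM with the OS disk attached, and it moves the matching file to a backup folder instead of deleting it outright. The OsRoot and BackupDir parameters and the backup behaviour are assumptions of this example.

```powershell
# Added example: not CrowdStrike's or Microsoft's own script.
[CmdletBinding(SupportsShouldProcess = $true)]
param(
    # Root of the Windows volume: C:\ in Safe Mode, or the drive letter the
    # attached OS disk received on a repair VM (parameter name is an assumption).
    [string]$OsRoot = 'C:\',
    # Assumed backup location; the page's instructions simply delete the file.
    [string]$BackupDir = (Join-Path $env:TEMP 'cs-channel-backup')
)

$driverDir = Join-Path $OsRoot 'Windows\System32\drivers\CrowdStrike'
$pattern   = 'C-00000291*.sys'   # pattern given in the CrowdStrike instructions

if (-not (Test-Path -LiteralPath $driverDir -PathType Container)) {
    # An encrypted disk that is still locked also ends up here.
    Write-Error "CrowdStrike driver directory not found: $driverDir"
    exit 1
}

$files = @(Get-ChildItem -LiteralPath $driverDir -Filter $pattern -File -Force)
if ($files.Count -eq 0) {
    Write-Output "No file matching $pattern in $driverDir; nothing to remove."
    exit 0
}

foreach ($f in $files) {
    # Log hash, name, timestamp and size so the change can be audited later.
    $hash = (Get-FileHash -LiteralPath $f.FullName -Algorithm SHA256).Hash
    Write-Output ('{0}  {1}  {2:u}  {3} bytes' -f $hash, $f.Name, $f.LastWriteTimeUtc, $f.Length)

    # -WhatIf lists the files without touching them.
    if ($PSCmdlet.ShouldProcess($f.FullName, 'Move out of the driver directory')) {
        New-Item -ItemType Directory -Path $BackupDir -Force | Out-Null
        Move-Item -LiteralPath $f.FullName -Destination (Join-Path $BackupDir $f.Name) -Force
    }
}

# A dry run changes nothing, so there is nothing to verify.
if ($WhatIfPreference) { exit 0 }

# Verify before rebooting: nothing matching the pattern may remain.
$left = @(Get-ChildItem -LiteralPath $driverDir -Filter $pattern -File -Force)
if ($left.Count -gt 0) {
    Write-Error "$($left.Count) matching file(s) still present in $driverDir"
    exit 1
}
Write-Output 'Done. Detach the disk or boot the host normally.'
```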
How to fix the CrowdStrike issue?
1. Boot Windows into Safe Mode or the Windows Recovery Environment
2. Navigate to the C:\Windows\System32\drivers\CrowdStrike directory
3. Locate the file matching C-00000291*.sys and delete it
or
You may need to manually remove/update the OS disk.
Let’s hope the temporary solution works!