What happened ?
On 2024-07-18 between 9:00 pm and 9:30 pm we started hearing news that windows computers running Crowdstrike have started showing the infamous "Blue Screen of Death" (BSOD). Upon further investigations we identified the Internet at large was experiencing this issue. This is a a global event - with numerous computers being affected.
My Computer keeps booting to a blue screen, what can I do ?
Option1 - Reboot
There does appear to be some chance just rebooting your computer will clear the issue, try that first.
Option 2 - Fix one computer from Recovery Mode
Boot Windows into Safe Mode or the Windows Recovery Environment
- Navigate to the C:\Windows\System32\drivers\CrowdStrike directory
- Locate the file matching “C-00000291*.sys”, and delete it.
Note this file will always exist, you only need to delete it if you are having boot problems
if the file has a timestamp of 0409 UTC ( 09:09 PM PDT), it is the problematic version
- Boot the host normally.
This CrowdStrike Host Self-Remediation video covers the steps nicely.
Option 3 - Microsoft Recovery Tool
Microsoft created a tool to assist with fixing CS. It does take some time to create this tool since it needs to download large file and assemble them on a USB drive. You then boot the computer from the USB drive to fix a computer. If you have many computers to fix, this method is recommended.
Option 4 - IT provided Microsoft Recovery Tool Images
The IT Division has compiled the above tool, there is an iso (400M, recommended) or bin (15G, USB image), both links are to Google Drive.
Option 5 - Contact IT
Contact the IT Help Desk at [email protected] if you need assistance. Phone and chat responses will be slower due to the extreme volume of calls.
FAQ
- This issue is not impacting Mac or Linux
- Windows hosts which have not been impacted do not require any action as the problematic channel file has been reverted
Technical links
https://www.reddit.com/r/crowdstrike/comments/1e6vmkf/bsod_error_in_latest_crowdstrike_update/
News and sources
https://www.nytimes.com/live/2024/07/19/business/global-tech-outage
https://www.theverge.com/2024/7/19/24201717/windows-bsod-crowdstrike-outage-issue
https://www.marketwatch.com/story/airlines-grounded-companies-experiencing-outages-tied-to-crowdstrike-issue-fc94611d
Link
You can link to this page using https://go.lbl.gov/crowdstrike-issue