CrowdStrike BSOD Issue in Windows : Causes, Impact, and Fix – Malaysia

Introduction

Starting Thursday evening and rolling into Friday morning, a Microsoft outage began crippling airlines, banks, healthcare, and energy companies across the world, resulting in a “blue screen of death” (BSOD) on their work computers. CrowdStrike, a cybersecurity firm whose software protects small businesses and large companies from cyberattacks and other online threats, said it caused the outage when it sent out a software update with a glitch, crashing Windows computers running the company’s software.

The fallout has been massive. Airport travelers have been stranded, hospital appointments delayed or canceled, and employees unable to work, all because of this software update. While most people have to wait for the issue to be resolved, if you’re dealing with the BSOD on your PC, there is a fix provided by CrowdStrike.

Understanding the CrowdStrike BSOD Issue

Causes of the BSOD

The BSOD issue with CrowdStrike has been traced back to a corrupted driver file within the Windows operating system. This corrupted file can cause the system to crash unexpectedly, leading to the infamous blue screen. The primary culprit is a driver file located in the System32 directory, which is integral to the functioning of CrowdStrike’s protection mechanisms.

Impact on Users

For many users, the BSOD issue has resulted in:

• System Downtime: Unexpected crashes lead to lost productivity and potential data loss.
• Inconvenience: Repeated reboots and troubleshooting can be frustrating and time-consuming.
• Data Vulnerability: During the downtime, systems may be exposed to security threats if not promptly addressed.

Step-by-Step Fix for the CrowdStrike BSOD Issue

If you are experiencing the BSOD issue even after a reboot, CrowdStrike has recommended a specific fix to address the problem. Here is a detailed guide on how to implement this fix:

Step 1: Boot into Safe Mode or Windows Recovery Environment

1. Safe Mode:
   • Restart your computer.
   • Before Windows loads, press and hold the F8 key (or Shift + F8 for some newer models).
   • Select Safe Mode from the boot options menu.
2. Windows Recovery Environment:
   • Restart your computer.
   • Press and hold the Shift key while selecting the Restart option from the Start menu.
   • Select Troubleshoot > Advanced options > Startup Settings > Restart.
   • Choose Safe Mode from the list.

Step 2: Navigate to the Driver Directory

Once your computer is in Safe Mode or the Windows Recovery Environment, follow these steps:

1. Open the File Explorer.
2. Navigate to the directory: %WINDIR%\System32\drivers\CrowdStrike.
   • This can be done by typing the path directly into the File Explorer address bar and pressing Enter.

Step 3: Locate and Delete the Corrupted File

1. In the CrowdStrike directory, look for a file that matches the pattern “C-00000291*.sys”.
2. Once located, delete this file.
   • Right-click the file and select Delete.
   • Confirm the deletion if prompted.

Step 4: Reboot Normally

1. After deleting the corrupted file, restart your computer normally.
   • Select Restart from the Start menu or simply press Ctrl + Alt + Delete and choose Restart.
2. Your computer should now boot without encountering the BSOD issue.

Conclusion

The CrowdStrike BSOD issue in Windows has been a significant inconvenience for many users, but with the steps outlined above, it can be effectively resolved. By booting into Safe Mode or the Windows Recovery Environment, navigating to the specified directory, and deleting the corrupted driver file, users can restore system stability and resume their activities without further disruptions. If the issue persists, it is recommended to contact CrowdStrike support for further assistance.

For the latest updates and detailed instructions, always refer to the official CrowdStrike website. Stay safe and ensure your system’s integrity by promptly addressing such issues.