A worldwide scramble is underway as IT administrators grapple with a catastrophic Windows outage caused by a faulty CrowdStrike update. This widespread issue has rendered thousands of PCs and servers useless, plunging businesses across various sectors into chaos. While CrowdStrike has rectified the problematic update, the damage is done, leaving many systems offline and businesses struggling to cope.
The fix isn’t straightforward for most. The initial workaround provided by CrowdStrike requires booting affected Windows systems into Safe Mode and manually deleting a system file. This cumbersome process necessitates physical access to each machine and can be further complicated by disk encryption or restricted admin rights.
STEPS:
- Boot Windows into Safe Mode or the Windows Recovery Environment
- Navigate to the C:\Windows\System32\drivers\CrowdStrike directory
- Locate the file matching “C-00000291*.sys”, and delete it
- Boot the host
Alternatively, IT admins can wait for CrowdStrike’s fix to propagate through the network, but this has proven to be a slow and unreliable solution due to the sheer volume of machines seeking updates. A seemingly absurd workaround involving repeated reboots has reportedly worked for some, but success seems to hinge on timing and luck.
Businesses utilizing virtual desktops may have a faster recovery path by restoring affected hosts to a point before the faulty update wreaked havoc. However, for environments where reboots fail, the Safe Mode workaround remains the primary option.
This outage, unlike typical internet disruptions, won’t be resolved quickly. CrowdStrike CEO George Kurtz has acknowledged the scale of the problem, assuring customers that recovery is a top priority. However, he admits that some systems may take time to fully recover.
While Kurtz has apologized for the disruption, questions remain about how such a flawed update managed to infiltrate countless machines globally. This incident serves as a stark reminder of the potential vulnerabilities in even the most trusted software, highlighting the critical need for rigorous testing and backup procedures.
