Many Windows machines around the world are experiencing a Blue Screen of Death at boot that has disrupted systems including banks, airlines, broadcasters, government services, and several other sectors. Owing to a faulty update from cybersecurity firm CrowdStrike, Windows PCs and servers were knocked offline prompting a recovery boot loop. Businesses around the world use CrowdStrike as a cybersecurity provider to manage Windows-based systems.
Among the affected are Australia’s Commonwealth Bank and Victoria state police internal systems, the UK’s London Stock Exchange, Sky News, and the National Health Service, along with 911 and non-emergency call centers in several US states. The disruption also hit airlines and airports across the globe from the US, Germany, France, and the Netherlands, to Singapore, Australia, India, Taiwan, China, and Japan. Even some of Sri Lanka’s banks, conglomerates, tourism-based businesses, and other sectors have reported Windows-related outages.
In an update, CrowdStrike CEO George Kurtz confirmed that a “defect found in a single content update for Windows hosts” prompted the outage and that the company and that the problem has been “identified, isolated and a fix has been deployed.” However, it’s worth noting that the root cause is likely a faulty update to a kernel-level driver that CrowdStrike uses to secure Windows machines. This means that while CrowdStrike may have identified the issue and reverted the original faulty update, already affected systems are still left with the issue.
The issue was also acknowledged on CrowdStrike support forums where the company received crash reports pertaining to a content update. According to CrowdStrike, those crash reports were related to its Falcon Sensor— the company’s cloud-based security service. The post also suggests a workaround for machines that continue to have issues involving booting into Safe Mode (or Windows Recovery Environment) and deleting a system file.
Incidentally, a seemingly separate outage impacted Microsoft that left users unable to access Microsoft 365 apps and services. As per the company, the root cause was a “configuration change in a portion of our Azure backend workloads,” with its Health Service page stating that Microsoft is now recovering from the issue.
Sri Lanka?
Apart from Sri Lanka CERT crossposting CrowdStrike’s update, no authority or business in Sri Lanka publicly acknowledged the issue even as numerous disruption reports surfaced on Twitter and Reddit. While it’s clear that the Microsoft issue has impacted many sectors in the country today, it remains to be seen if the CrowdStrike update has done the same in the Sri Lankan digital space.
GIPHY App Key not set. Please check settings