Crowdstrike Falcon is software designed to protect businesses from threats, but a new update has caused many systems running their sensors to be met with the infamous blue screen of death.

Large companies often deploy strict security measures to protect their machines, so use software (think of it as a more advanced Anti-Virus) to keep them safe. Businesses across the globe deploy a solution, named Crowdstrike Falcon. It offers protection against almost anything that could harm a computer.

However, Crowdstrike Agents are suffering from an issue that has caused systems running it to be met with the Windows Blue Screen of Death, and rebooting repeatedly.

Crowdstrike has acknowledged the issue in an update to customers. A transcript posted on Hacker News states: “CrowdStrike is aware of reports of crashes on Windows hosts related to the Falcon Sensor.” the portal continues to detail the problem: “Symptoms include hosts experiencing a bugcheck\blue screen error related to the Falcon Sensor.”

The statement reportedly continues: “Our Engineering teams are actively working to resolve this issue”.

So there appears to be hope for a solution deployed remotely, thereby fixing the issue, which has already had catastrophic effects globally. Airline Ryanair stated it is suffering from a “3rd party IT issue”, while British broadcaster Sky News has been taken offline.

The reaction to the issue on social media offers insight into just how widespread those affected are, with reports of Airports being taken offline, and also affecting game developers, as Smash Bros. director Masahiro Sakurai also expressed shock at the issue on X/Twitter.

A United Airlines flight has also been canceled due to technical problems, with issues also extending to Delta Airlines in Atlanta. Emergency services have also taken a hit due to the problem, according to users on social media.

In a social media post, Akshay Kothari, Notion co-founder, posted that Indian airlines are now giving out boarding passes by hand.

Downdetector reports that massive global services, including Microsoft 365, and more have all been affected, seemingly by the Crowdstrike BSOD issues.

System administrators react to Crowdstrike Falcon error

Over on Hacker News, users shared their thoughts: “…an application shouldn’t be able to do this kind of damage to an operating system,” states one person.

“Husband is a deputy in California. His department and many others here are down as well (including PDs, jails, ambulance companies, etc.)” says another.

The scale of the issue is currently difficult to conceive, with the /r/crowdstrike subreddit also active with chatter about exactly who or what has been affected.

Speculation is rife with exactly which version of Crowdstrike is to blame. “Is anyone aware if it’s a particular version? we’re 7.15.18513.0. Rolled out 2 days ago. EDIT: this is the version that’s BSOD’ing for us.”

Another user comments: “Truly a sh*t show. One wrong push into production and my entire company of 80k workers comes to a halt, can’t work.”

Crowdstrike advises on interim fix

In a Reddit comment, a Crowdstrike moderator said the company identified a content deployment related to this issue and has reverted those changes. Crowdstrike has also issued an interim fix, with the steps provided below.

Boot Windows into Safe Mode or the Windows Recovery Environment Navigate to the C:\Windows\System32\drivers\CrowdStrike directory Locate the file matching “C-00000291*.sys”, and delete it. Boot the host normally.

This is a developing story.