The Indian Computer Emergency Response Team (CERT-In) has issued a critical advisory concerning a major outage impacting Microsoft Windows systems, traced to a recent update of the CrowdStrike Falcon Sensor. This update has led to significant system instability, causing system crashes and the infamous "Blue Screen of Death" (BSOD) for numerous users worldwide, including critical sectors such as airlines and banking.
Key Details of the Advisory
Severity Rating: CERT-In has classified this issue as "critical," underscoring the severe outages caused by the CrowdStrike update.
Affected Systems: The problem primarily affects Windows hosts running the CrowdStrike Falcon Sensor, which is vital for security data collection on business computers.
Mitigation Steps: To mitigate the ongoing issues, CrowdStrike has rolled back the problematic update. However, for systems still experiencing crashes, CERT-In advises the following steps:
Boot Windows into Safe Mode or the Windows Recovery Environment.
Navigate to C:\Windows\System32\drivers\CrowdStrike and find the file matching the pattern "C-00000291*.sys".
Delete the identified file, then reboot the system normally.
Government Response
Union Minister for Information Technology Ashwini Vaishnaw has confirmed that the government is in communication with Microsoft regarding the outage. He assured that the National Informatics Centre (NIC) network remains unaffected and that the cause of the outage has been identified, with updates being implemented to restore services.
Global Impact
The outage has affected numerous organizations globally, including major entities like the London Stock Exchange, Visa, and Amazon, highlighting the extensive reach of the issue.