CrowdStrike Says Logic Error Caused Windows BSOD Chaos

CrowdStrike reiterated that the issue was not the result of a cyberattack but confirmed that millions of users with its Falcon sensor for Windows experienced their systems crashing into a BSOD (blue screen of death) reboot loop.

“The update applied at 04:09 UTC was intended to address newly identified malicious named pipes used by common C2 frameworks in cyberattacks. This configuration update triggered a logic error, causing the operating system to crash.”

CrowdStrike has resolved the logic error by updating the content in Channel File 291 and confirmed that no further changes to this file beyond the updated logic will be made. The Falcon system continues to evaluate and protect against the abuse of named pipes.

The anti-malware vendor has provided remediation guidelines, stating that systems not currently affected “will continue to function normally, maintain protection, and are not at risk of this issue reoccurring.”

“We understand how this issue occurred and are conducting a thorough root cause analysis to determine how the logic flaw emerged. This investigation is ongoing, and we are committed to identifying any foundational or workflow improvements to enhance our processes,” the company stated.

Amid the disruptions at airports and hospitals caused by the CrowdStrike update, the US cybersecurity agency CISA announced it is collaborating with federal, state, local, tribal, and territorial (SLTT) partners, as well as critical infrastructure and international partners, to assess impacts and support remediation efforts. CISA confirmed CrowdStrike’s statements that the issue does not affect Mac and Linux hosts and was “not due to malicious cyber activity.”

“CISA has noted that threat actors are exploiting this incident for phishing and other malicious activities. We urge organizations and individuals to remain vigilant and only follow instructions from legitimate sources. CISA advises organizations to remind employees to avoid clicking on phishing emails or suspicious links,” the agency cautioned.
