How to Fix a Windows Computer Affected by the Global Blackout
A malicious CrowdStrike update recently caused a worldwide outage that left many Windows PCs unable to start up and showing the dreaded “blue screen of death” (BSoD). You can use this guide to follow the procedures involved in fixing this problem and restarting your computer.
Recognizing the Problem
A flawed upgrade for CrowdStrike’s Falcon software, which defends networks against cyberattacks, is the root of the issue. The update caused Windows PCs to crash and fail to reboot, instead of working as intended1. Worldwide enterprises, banks, airlines, and other institutions have been impacted by this problem2.
Method by Method Solution
- Start in Safe Mode
Safe Mode is a diagnostic mode that loads the bare minimum of drivers and services onto your computer. This can assist you in problem-solving and troubleshooting.
Restart Your Computer: Turn off your computer by holding down the power button, then turn it back on.
To access Safe Mode, press F8 repeatedly as soon as your computer boots up until the Advanced Boot Options window shows up. After choosing “Safe Mode,” hit Enter.
- Open the Troublesome File.
Once Safe Mode is activated, you must find and remove the problematic file that is causing the problem.
Launch File Explorer: Windows + E can be used to launch File Explorer.
Go to the Directory by navigating there: Navigate to CrowdStrike at C:\Windows\System32\drivers.
Find the file: Look for the C-00000291*.sys3 file that matches.
- Remove the problematic file.
The problem should go away if the problematic file is deleted.
Eliminate the File: Choose “Delete” with a right-click on the file.
Verify Deletion: Verify that you really do wish to remove the file.
- Restart your computer
Restart your computer normally after removing the problematic file.
Restart your computer by selecting “Power” from the Start menu, then “Restart.”
Examine for Problems: At this point, the BSoD should not appear during PC booting.
Extra Actions for Companies
It could be necessary for you to take extra measures to make sure that all impacted computers are fixed if you are in charge of several PCs in a company setting.
- Employ Tools for Remote Management
You can utilize remote management tools to automate the process of erasing the problematic file from several devices.
Script deployment involves writing a script that locates the CrowdStrike directory and removes the problematic file.
Run the Script Remotely: On all impacted PCs, use your remote management solution to run the script.
- Get in touch with CrowdStrike Help
Customers who are impacted are receiving assistance from CrowdStrike, which has acknowledged the problem1. For further information and updates, get in touch with their support staff.
Check out the Support Portal here: Visit CrowdStrike’s support center to get the most recent patches and updates.
Observe Their Advice: Apply any extra instructions or fixes that CrowdStrike may supply.
Avoiding Problems Down the Road
You should think about putting the following recommended practices into practice to avoid such problems in the future:
- Examine updates prior to deployment.
Prior to rolling out upgrades to every machine, make sure they are tested in a controlled environment.
Establish a Test Environment: Construct a test environment that is identical to your production setup.
Test Updates: Before making updates generally available, apply them in a test environment and keep an eye out for any problems.
- Put Backup Plans Into Practice
Make sure you have reliable backup plans in place so you can react swiftly to any problems.
Plan Regular Backups: Make sure that important data and systems are regularly backed up.
Check Backups: Make that backups can be successfully restored and are complete on a regular basis.
- Make Use of Endpoint Security Products
Solutions for endpoint protection that offer more security and monitoring should be taken into consideration.
Pick Reliable Software: Opt for endpoint security software from suppliers with a good reputation.
Systems should be routinely checked for any anomalous behavior or problems.
In summary
Fixing a Windows computer affected by the recent global blackout entails starting the computer in Safe Mode, removing the problematic file, and restarting it. Businesses may need to take extra actions, such contacting CrowdStrike support and utilizing remote administration capabilities. Future problems can be avoided by putting best practices into effect, such as testing updates, keeping backups, and utilizing endpoint protection.