CrowdStrike, the endpoint security software, caused a major global outage of Microsoft services, including Windows and Office 365, following an update on Friday. The alleged issue brought the ‘blue screen of death' (BSOD) to Windows devices across the world, with users unable to access their devices. Furthermore, the problem is also reported to have resulted in the disruption of services across information technology (IT) companies, airports, banks and other sectors. 


CrowdStrike Error: What Happened

The issue seems to have surfaced following a CrowdStrikeupdate that resulted in ‘Blue Screen of Death' on Windows devices. The error says, “Your device ran into a problem and needs to restart”. However, restarting does not appear to solve the issue, with the device getting stuck in a boot loop.

Microsoft lists the error with the STOP code “PAGE_FAULT-IN-NONPAGED_AREA”. It is allegedly caused to due a failure of a CrowdStrike agent system file, as per the error log. 

Media outlets were also reported to face issues due to the global outage of Microsoft services, with the UK's Sky News and CBBC and Australia's ABC News being some of the ones affected. Furthermore, the London Stock Exchange (LSE), run by the LSE Group, also said it was facing an issue that prevented the RNS news service from publishing on the LSE website.

CrowdStrike Error: Response

Update: CrowdStrike CEO George Kurtz has issued a statement informing that the root cause has been identified and patched. The company is claimed to be "actively working with customers" impacted by the outage. The CEO revealed that the error was not due to a "security incident or cyberattack" but because of a defect in a single content update for the Windows platform. It did not affect Linux or Mac devices

CrowdStrike and Microsoft have both issued statements following the outage. Microsoft said that several “mitigation actions” were in process, while it also focussed on redirecting impacted traffic to “healthy systems”. As per a Reuters report, Microsoft acknowledged that the problem arose at 6 pm ET (3:30 am IST), with customers in its Central US area facing issues while accessing Azure services.


In a statement hidden behind a registration wall, CrowdStrike acknowledged the issue, stating it “is aware of crash reports”. On the CrowdStrike subreddit, the moderator also published a workaround for those who are still affected by it. To resolve it, it advised users to:


1) Boot the Windows device into Safe Mode or open the Windows Recovery Environment

2) Next, navigate to the C:\Windows\System32\drivers\CrowdStrike directory

3) Find a file in the system directory matching “C-00000291*.sys”, and delete it

4) Boot the host normally.