The Indian government has acted on the major IT outage that caused havoc across the globe on Friday. The Indian Computer Emergency Response Team, or CERT-In, has published an urgent security bulletin sharing the details of the outage that has taken millions of Windows PCs and other Microsoft services offline.
CrowdStrike is the company that operates the security solutions powering Windows systems and Microsoft products. The software updates and patches you get for Windows PCs are offered by CrowdStrike, and Falcon is a major component that keeps the PCs protected from threats and other bad actors.
The CERT-In warning, which carries a critical rating, shares the details of the outage. “It has been reported that Windows hosts related to CrowdStrike agent, Falcon Sensor, are facing outages and getting crashed due to a recent update received in the product. The concerned Windows hosts are experiencing Blue Screen of Death (BSOD) related to Falcon Sensors.”
The Minister of Electronics and Information Technology, Ashwini Vaishnaw, has shared this update on his X profile:
MEITY is in touch with Microsoft and its associates regarding the global outage. The reason for this outage has been identified and updates have been released to resolve the issue.
CERT is issuing a technical advisory.
NIC network is not affected.
— Ashwini Vaishnaw (@AshwiniVaishnaw) July 19, 2024
Minister Vaishnaw also assured that the National Informatics Centre (NIC) network was not affected by the CrowdStrike outage.
CERT-In Security Advice For Windows Users Over BSOD
The issues occurred in the latest update of CrowdStrike, and the changes have been reverted by the CrowdStrike team. If hosts are still crashing and unable to stay online to receive the Channel File Changes, the following steps can be used as a workaround for this issue:
– Boot Windows into Safe Mode or the Windows Recovery Environment
– Navigate to the C:\Windows\System32\drivers\CrowdStrike directory
– Locate the file matching “C-00000291*.sys”, and delete it.
– Boot the host normally.
The bulletin also says that users are advised to check the latest updates from the CrowdStrike portal.
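The workaround steps above as a PowerShell script, for hosts that reach Safe Mode with PowerShell available. This is an added example, not code from CERT-In, CrowdStrike or this article; the parameter names are hypothetical, and it assumes Windows is installed on C: as in the path the bulletin gives.

```powershell
# Added example: not CERT-In's or CrowdStrike's own tooling.
# Run from an elevated PowerShell prompt after booting into Safe Mode.
[CmdletBinding(SupportsShouldProcess = $true)]
param(
    # Assumption: the Windows volume is C:, as in the bulletin's path.
    # Under the Recovery Environment the volume may carry another letter.
    [string]$DriverDir = 'C:\Windows\System32\drivers\CrowdStrike',
    # File name pattern given in the bulletin.
    [string]$Pattern = 'C-00000291*.sys'
)

# Step 2: confirm the CrowdStrike driver directory exists on this volume.
if (-not (Test-Path -LiteralPath $DriverDir -PathType Container)) {
    Write-Error "Directory not found: $DriverDir (wrong drive letter?)"
    exit 2
}

# Step 3: locate only the files that match the bulletin's pattern.
$channelFiles = @(Get-ChildItem -LiteralPath $DriverDir -Filter $Pattern -File -Force)
if ($channelFiles.Count -eq 0) {
    Write-Output "No file matching $Pattern in $DriverDir; nothing to delete."
    exit 0
}

# Keep a record of what is removed, for the incident log.
$channelFiles |
    Select-Object Name, Length, LastWriteTimeUtc |
    Format-Table -AutoSize | Out-String | Write-Output

foreach ($file in $channelFiles) {
    # -WhatIf previews the deletion; -Confirm prompts for each file.
    if ($PSCmdlet.ShouldProcess($file.FullName, 'Delete channel file')) {
        Remove-Item -LiteralPath $file.FullName -Force -ErrorAction Stop
    }
}

# Verify the result before rebooting (skipped on a -WhatIf preview).
if (-not $WhatIfPreference) {
    $left = @(Get-ChildItem -LiteralPath $DriverDir -Filter $Pattern -File -Force)
    if ($left.Count -gt 0) {
        Write-Error "$($left.Count) matching file(s) still present in $DriverDir"
        exit 1
    }
    # Step 4 is manual: restart the host normally.
    Write-Output "Removed $($channelFiles.Count) file(s). Boot the host normally."
}
```

Running it with `-WhatIf` first lists the matching files without deleting anything.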