Many people and businesses have woken this morning to one or many BSOD’s, resulting in PC’s being unusable.

Brody Nisbet, CrowdStrike’s chief threat hunter, has confirmed the issue and posted the following workaround on X:

There is a faulty channel file, so not quite an update. There is a workaround…

1. Boot Windows into Safe Mode or WRE.
2. Go to C:\Windows\System32\drivers\CrowdStrike
3. Locate and delete file matching “C-00000291*.sys”
4. Boot normally.

Brody later posted; “That workaround won’t help everyone though and I’ve no further actionable help to provide at the minute”.

The suggestion would be to follow Brody on X / LinkedIn and/or work with your CrowdStrike support team for further updates.

CEO of CrowdStrike George Kurtz has since posted on X;

CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted. This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed. We…

— George Kurtz (@George_Kurtz) July 19, 2024

Edit

Obviously given the devices are non-bootable, this entire situation is made a whole lot tricker. Microsoft have released a USB bootable solution to the issue, whilst still not ideal, it’s probably the best option out there if your devices are bare metal. See the link below;

https://techcommunity.microsoft.com/t5/intune-customer-success/new-recovery-tool-to-help-with-crowdstrike-issue-impacting/ba-p/4196959