Microsoft says CrowdStrike outage could be fixed by turning off Windows PCs 15 times in a row (yes, really)

The devastating blue error screen that caused all of the mayhem is displayed at a currency exchange store at the Hong Kong International Airport on July 19

GETTY IMAGES
Aaron Brown

By Aaron Brown


Published: 20/07/2024

- 09:05

Some believe it'll take "weeks" before IT workers are able to fix every broken PC

Computer systems around the globe are still reeling from a botched update from enterprise antivirus provider CrowdStrike, which sent Windows-powered PCs into an endless spiral of error messages, colloquially known as the Blue Screen of Death (BSOD). With these machines out-of-action, the services that relied on them crumbled instantaneously — grounding 5,078 flights (4.6% of those scheduled on July 19) including 167 due to depart from the UK, leaving banks and businesses unable to accept payment, and cutting off a live Sky News broadcast.

CrowdStrike Chief Executive George Kurtz has confirmed the IT chaos was all caused by “defect in a single content update for Windows hosts” — in short, a glitch in a software update rolled out to customers using Windows 10 or Windows 11. In a statement on social media, the executive reassured the global outage wasn't the result of a “security incident or cyberattack".


The Texas-based security firm behind the disastrous IT issues, which has left NHS GP practices unable to schedule appointments and US hospitals cancelling operations because they can't access patient's digital medical files, has issued a new update to its Falcon Sensor security software — believed to be the source of the crashes.

However, it could still take "some time" before all affected computers receive the update and return online.

Since the bungled update to the CrowdStrike 'Falcon' sensor has left Windows 10 and Windows 11 PCs stuck on the Blue Screen of Death error screen, these machines will not be able to update automatically as they're not connected to the internet. According to some security experts, applying the fix could require a human visit to every affected PC to manually install the fix — a process that could take weeks.

But there's hope that it won't quite take as long as that.

Posting in a support note on the Microsoft Azure outage page, the company says that restarting an affected machine can help. However, this isn't a case of just rebooting your Windows PC once ...Microsoft says it could take 15 restarts one after another to make a difference.

The advice, which frankly, sounds like a scene from Channel 4 comedy The IT Crowd, comes from customers who report the new Falcon sensor firmware installed in the background during the reboot process.

“We have received feedback from customers that several reboots (as many as 15 have been reported) may be required, but overall feedback is that reboots are an effective troubleshooting step at this stage,” an employee at Microsoft posted on the page.

If that doesn't work, there is another CrowdStrike BSOD fix outlined on the support page.

a screenshot example of the blue screen of death error messageBlue Screen of Death, or BSOD, is a well-known error screen that appears when your Windows laptop or desktop PC is unable to load the operating system MICROSOFT

CrowdStrike CEO Mr Kurtz said he is “deeply sorry” for the situation and said CrowdStrike was “actively working” with those impacted. Saying the issue had been “identified” and that a “fix has been deployed”, he confirmed his team was “fully mobilised to ensure the security and stability of CrowdStrike customers”.

In a letter to customers and partners, Mr Kurtz said: “We know that adversaries and bad actors will try to exploit events like this. I encourage everyone to remain vigilant and ensure that you’re engaging with official CrowdStrike representatives.”

Industry expert Adam Leon Smith of BCS, the Chartered Institute for IT, warned it could take “weeks” for all computers and systems to be fully restored, while Mr Kurtz revealed only that it would take “some time”.

He told NBC: “Some of the systems that aren’t recovering, we’re working with them, so it could be some time for some systems that just automatically won’t recover, but it is our mission to make sure that every customer is fully recovered and we’re not going to relent until we get every customer back to where they were and we’ll continue to protect them and keep the bad guys out of their systems.”

You may like