
Digital safety starts here for both commercial and personal use...

Defend Your Business Against the Latest WNY Cyber Threats

We offer Safe, Secure and Affordable Solutions for your Business and Personal Networks and Devices.



WNYCyber is there to help you choose the best service providers in Western New York... We DO NOT provide the services ourselves, as we are Internet Programmers who have to deal daily with Cyber Threats... (Ugghhh)... So we know what it's like and what it takes to protect OUR and OUR CUSTOMERS' DATA... We built this Website to help steer you to those that can give you the best service at realistic and non-inflated prices. We do not charge or collect any fees.

CrowdStrike Outage (update)

Summary:

CrowdStrike is aware of reports of crashes on Windows hosts that have taken place after installing the latest update for CrowdStrike Falcon Sensor. CrowdStrike says that it has identified a content deployment related to this issue and reverted those changes.

Impact:
Windows hosts are being stuck in a boot loop or experiencing bugcheck/blue screen errors related to the Falcon Sensor. Several organizations and services across the world have been impacted, including airports, airlines, banks, hospitals, as well as 911 services.

Suggested Corrections:
The root cause has been associated with a Channel File, which contains data for the Falcon sensor. CrowdStrike has reverted the Channel File. Note:

  • Channel file "C-00000291*.sys" with timestamp of 0527 UTC or later is the reverted (good) version.
  • Channel file "C-00000291*.sys" with timestamp of 0409 UTC is the problematic version.

Hosts booted up after 5:27 AM UTC should not be experiencing any issues. If hosts are still crashing and unable to stay online to receive the Channel File changes, CrowdStrike recommends:

  • Boot Windows into Safe Mode or the Windows Recovery Environment. NOTE: Putting the host on a wired network (as opposed to WiFi) and using Safe Mode with Networking can help remediation.
  • Navigate to the %WINDIR%\System32\drivers\CrowdStrike directory.
  • Locate the file matching “C-00000291*.sys”, and delete it.
  • Boot the host normally. Note: BitLocker-encrypted hosts may require a recovery key.
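
The timestamp check and file removal described above, as an added PowerShell example for use from Safe Mode (not CrowdStrike's tooling and not part of the original page). It assumes "timestamp" means the file's last-write time in UTC and takes the incident date as a parameter because the advisory gives only times; the parameter names are hypothetical.

```powershell
# Added example, not CrowdStrike tooling: classify C-00000291*.sys by the
# advisory's timestamps and optionally delete the problematic version.
[CmdletBinding(SupportsShouldProcess)]
param(
    # Assumption: the advisory gives times only, so the operator supplies the UTC date.
    [Parameter(Mandatory)] [datetime] $IncidentDateUtc,
    # Assumption: override when the affected Windows volume is mounted elsewhere.
    [string] $WindowsDir = $env:WINDIR,
    [switch] $Remove
)

$day      = [datetime]::SpecifyKind($IncidentDateUtc.Date, [DateTimeKind]::Utc)
$badStart = $day.AddHours(4).AddMinutes(9)    # 0409 UTC: problematic version
$goodFrom = $day.AddHours(5).AddMinutes(27)   # 0527 UTC or later: reverted version

$dir = Join-Path $WindowsDir 'System32\drivers\CrowdStrike'
if (-not (Test-Path -LiteralPath $dir)) {
    Write-Warning "Directory not found: $dir"
    return
}

$files = @(Get-ChildItem -LiteralPath $dir -Filter 'C-00000291*.sys' -File -Force)
if ($files.Count -eq 0) {
    Write-Output "No C-00000291*.sys file present in $dir"
    return
}

foreach ($f in $files) {
    # Assumption: "timestamp" is the last-write time, matched to the minute.
    $t = $f.LastWriteTimeUtc
    if ($t -ge $badStart -and $t -lt $badStart.AddMinutes(1)) {
        $status = 'Problematic'
    } elseif ($t -ge $goodFrom) {
        $status = 'Reverted'
    } else {
        $status = 'Unclassified'   # neither timestamp from the advisory; review by hand
    }

    [pscustomobject]@{ Name = $f.Name; LastWriteTimeUtc = $t; Status = $status }

    # Delete only the version the advisory identifies as problematic.
    if ($Remove -and $status -eq 'Problematic' -and
        $PSCmdlet.ShouldProcess($f.FullName, 'Delete channel file')) {
        Remove-Item -LiteralPath $f.FullName -Force
    }
}
```

Run it without `-Remove` first, or with `-Remove -WhatIf`, to see the classification before anything is deleted.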

CrowdStrike Statement:
https://www.crowdstrike.com/blog/statement-on-windows-sensor-update/