19-July-2024 – Many of you are waking up to the news of a major IT disruption caused by a new Microsoft update bug from CrowdStrike. This unexpected issue has affected operations across various sectors, including airports, banks, and businesses running Windows OS. This CrowdStrike update bug has also hit the digital signage industry hard, where many display systems are running on Windows media players.
The chaos stemmed from an update sent by CrowdStrike, a cybersecurity company based in Austin, Texas, to businesses that use its software to protect against hackers and online intruders. But when CrowdStrike’s new code reached computers that run Microsoft Windows software, the machines began to crash.
Impact on the Digital Signage Industry
Digital signage systems running on Windows OS have been significantly impacted by the update bug. Screens that once displayed crucial information and advertisements are now showing the dreaded Blue Screen of Death (BSOD). This outage has created significant disruptions, especially in high-traffic areas such as airports and retail environments where digital signage plays a critical role in communication and customer experience. Kiosk systems, where users interact for various services, are also affected.
The Fix: A Mixed Bag
The good news is that CrowdStrike has already provided a fix for the issue. However, the bad news is that applying this fix requires an on-site visit from a tech team. While the actual fix might take only 15-20 minutes to implement, the affected screens are unable to take remote connections due to the BSOD. This means a considerable amount of tech service hours will be needed to bring all affected screens back online.
- Impact on Businesses: Businesses relying on digital signage for marketing and information dissemination are facing downtime, potential revenue losses, and customer dissatisfaction.
- Response Time: The need for on-site technical support means that response times may vary, depending on the availability of technical personnel.
How to Fix the Issue
For those looking to fix the issue, CrowdStrike has provided detailed instructions in their official blog post. Here’s a summary of the steps you need to follow:
- Reboot the Host: Reboot the host to give it an opportunity to download the reverted channel file. If the host crashes again, proceed to the next steps.
- Boot into Safe Mode or Windows Recovery Environment: Boot Windows into Safe Mode or the Windows Recovery Environment. Using a wired network connection and Safe Mode with Networking can aid in remediation.
- Navigate to CrowdStrike Directory: Go to the directory
%WINDIR%\System32\drivers\CrowdStrike
. - Delete the Faulty File: Locate the file matching “C-00000291*.sys” and delete it.
- Boot Normally: Reboot the host normally.
Note: For Bitlocker-encrypted hosts, you may require a recovery key during this process.
Detailed steps and necessary tools are available in the official CrowdStrike blog post. Make sure to follow each step carefully to ensure the fix is applied correctly.
The Chaos in Action
Videos and images of the chaos caused by this bug are being posted by many users on the internet. From airport flight information screens to bank teller systems, this CrowdStrike update has created significant business disruptions. Check out the few below from social media platform Twitter/X
CROWDSTRIKE OUTAGE: Airplanes grounded, banking, Microsoft and businesses disrupted after software update bug causes worldwide chaos.
— Oliya Scootercaster 🛴 (@ScooterCasterNY) July 19, 2024
Times Square Billboards GO DARK in NYC.
Video by Kevin RC Wilson [email protected] to license pic.twitter.com/mBv6lsSvq6
Every flight status screen at DIA looks like this right now…wild. #MicrosoftOutage pic.twitter.com/fv4ZkH8ALM
— Parker Lathrop (@travelwithparkr) July 19, 2024
Long lines at the airport this morning as outages across the globe impacted flights. United, American and Delta grounded flights earlier, leading to some delays and cancellations. More here: pic.twitter.com/AvrTxphrib
— Shoshana Stahl (@shoshana_stahl) July 19, 2024
Mayhem at the airports! Singapore Changi Airport Scoot Airlines check-in systems are all down ! Airlines relying on good, old whiteboard to communicate status. #changi_airport #scoot #flyscoot #global_outage pic.twitter.com/KSZEZbb4bj
— Sarath Sasikumar (@sarathsasikumar) July 19, 2024
Life goes on in #aviation #mircosoft pic.twitter.com/zM9FI53GNA
— Arindam Majumder (@ari_maj) July 19, 2024
— Renee Benson -#InfoComm24 #avtweeps @TheAVLifePod (@AVReneeKC) July 19, 2024
The last time a bug caused such a widespread impact was during the Blaster Worm outbreak. The Blaster Worm, also known as the “Lovesan” worm, infected Windows XP and Windows 2000 machines, causing them to crash and restart continuously. Similar to the current issue, the Blaster Worm highlighted the critical importance of robust cybersecurity measures and rapid response capabilities.