Microsoft outage: What is CrowdStrike and why users are getting Windows blue screens

Here's what you need to know.
By Tim Marcin and Stan Schroeder  on 
Crowdstrike software

Editor's note: Check out our oft-updated live blog for all new developments about the Microsoft/CrowdStrike outage


Windows PCs all around the world are crashing, and it's getting uglier fast.

It's all due to an issue with CrowdStrike's Falcon Sensor software, and it's spreading in unpredictable ways. But what is CrowdStrike? What's a "blue screen of death"? And how worried should Windows PC owners be? Here's what you need to know.

What is CrowdStrike, and what is Falcon Sensor?

CrowdStrike is a cybersecurity company, and Falcon Sensor is software designed to prevent computer systems from cyber attacks. Earlier this morning, on July 19, the company warned its users that Windows systems are "experiencing a bugcheck/blue screen error related to the Falcon Sensor," and said that its engineering teams are "actively working to resolve this issue."

Apparently, an update to the Falcon software is what caused the issue; the company rolled back the update but numerous machines are still affected.

Both Microsoft and CrowdStrike have now acknowledged the issue, which is only present on Windows machines, while Mac and Linux computers aren't affected.

LIVE UPDATES: Microsoft outage linked to CrowdStrike knocks users offline

"CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts. Mac and Linux hosts are not impacted. This is not a security incident or cyberattack. The issue has been identified, isolated and a fix has been deployed. We refer customers to the support portal for the latest updates and will continue to provide complete and continuous updates on our website. We further recommend organizations ensure they’re communicating with CrowdStrike representatives through official channels. Our team is fully mobilized to ensure the security and stability of CrowdStrike customers," George Kurtz, CrowdStrike's President and CEO, wrote on X.

What's a blue screen of death?

If you've been so fortunate to never see a blue screen of death, it is a type of critical error on Windows PCs which essentially halts whatever the computer's been doing and displays an error report on a blue screen.

What is CrowdStrike's relationship with Microsoft?

CrowdStrike doesn't really have a direct relationship with Microsoft. It is, however, a hugely popular cybersecurity company, especially for large businesses and institutions, due to its reputation of being able to stop cyberattacks in their tracks, and that means it runs on a lot of Windows machines. It is also available for Mac and Linux computers, though the current issue is only related to Windows computers.

A report from IDC dated February 2023 placed CrowdStrike at the number one spot when it comes to endpoint security, with a 17.7% market share. Microsoft's own endpoint security solutions are a close second with a 16.4% market share.

How widespread is this issue?

CrowdStrike's software is popular and widely used, and as a result, there are numerous outages across platforms including Microsoft 365, Azure, Instagram, eBay, Visa, and AT&T. A number of banks, such as Chase, Wells Fargo, TD Bank, and US Bank appeared to be having issues as well. Downdetector is a good place to check which services are having issues. (Full disclosure: Downdetector is owned by Mashable's parent company, ZiffDavis.)

Mashable Light Speed
Want more out-of-this world tech, space and science stories?
Sign up for Mashable's weekly Light Speed newsletter.
By signing up you agree to our Terms of Use and Privacy Policy.
Thanks for signing up!

The problems are widespread enough to have caused some airlines, including Delta, American, RyanAir, and United Airlines, being grounded due to communications issues, apparently related to the outage.

Sky News was unable to broadcast live TV early on Friday, also apparently due to this problem.

Even electronic payment systems in some supermarkets are down, rendering people unable to pay for groceries.

What should I do?

CrowdStrike software is typically maintained by the company's system administrator. For most users experiencing problems, this means that they should probably report the issue to their system admin and wait for resolution.

In a notice to users, CrowdStrike said that there is no need to open a support ticket with CrowdStrike as the company's engineers are aware of the issue and are actively working on it.

For support from CrowdStrike, users can go to the company's Support Portal over at supportportal.crowdstrike.com/s.

There's also an active discussion on Reddit, where system admins are sharing their experiences while trying to resolve the issue.

If you're eager to try to fix the issue yourself, here's a workaround:

  1. "Boot Windows into Safe Mode or the Windows Recovery Environment

  2. "Navigate to the C:\Windows\System32\drivers\CrowdStrike directory

  3. "Locate the file matching 'C-0000029*.sys', and delete it.

  4. "Boot the host normally."

How long will the Microsoft outage last?

While the issue has been "identified, isolated, and a fix has been deployed," per CrowdStrike CEO George Kurtz, actually fixing it is not always trivial. This is not a simple update which can easily be deployed to all systems over-the-air, as many of the affected systems crash right after booting up, meaning they're in an endless boot loop. This, in turn, means that the fix must be applied manually (see instructions above) to each affected system, and in large companies, this can take many hours.

In an interview with TODAY, Kurtz admitted the issues could persist for a while longer.

"It could be some time for some systems that just automatically won’t recover," he said.

Microsoft's CEO Satya Nadella acknowledged the issue around midday Friday but did not provide a timeline for when people could expect the issues to be resolved.

"Yesterday, CrowdStrike released an update that began impacting IT systems globally," Nadella wrote on X. "We are aware of this issue and are working closely with CrowdStrike and across the industry to provide customers technical guidance and support to safely bring their systems back online."

Developing...

Topics Cybersecurity

close-up of man's face
Tim Marcin

Tim Marcin is an Associate Editor on the culture team at Mashable, where he mostly digs into the weird parts of the internet. You'll also see some coverage of memes, tech, sports, and the occasional hot take. You can find him posting endlessly about Buffalo wings on the website formerly known as Twitter at @timmarcin.

Stan Schroeder
Stan Schroeder
Senior Editor

Stan is a Senior Editor at Mashable, where he has worked since 2007. He's got more battery-powered gadgets and band t-shirts than you. He writes about the next groundbreaking thing. Typically, this is a phone, a coin, or a car. His ultimate goal is to know something about everything.


Recommended For You
Microsoft says CrowdStrike outage affected many more devices than reported
CrowdStrike logo over the Microsoft Windows blue screen of death


CrowdStrike announces Microsoft outage workaround. How to deal with the Blue Screen of Death.
The CrowdStrike logo on a smartphone.

Microsoft releases easier CrowdStrike fix
CrowdStrike logo over the Blue Screen of Death

Microsoft outage impacting flights globally. See the latest.
Passengers seated at Suvarnabhumi Airport in Bangkok, Thailand on July 19.

Trending on Mashable
Wordle today: Answer, hints for October 11
a phone displaying Wordle

NYT Connections today: Hints and answers for October 11
A phone displaying the New York Times game 'Connections.'

Astronomers just found a galaxy way too advanced for its time
Galaxy forming in the early universe

Tesla’s surprise announcements: Robovan and Optimus
Two images side by side. On the left is a screenshot of the Robovan. On the right is a Tesla promotional image of an Optimus robot serving someone a drink.

'The Platform 2's twisty ending, explained
A close-up of a topless, bald man holding a lit lighter.
The biggest stories of the day delivered to your inbox.
This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.
Thanks for signing up. See you at your inbox!