Major Cybersecurity Company CrowdStrike Update Causes Global Microsoft Outage and BSOD Crisis—Step-by-Step Fix Guide Included

Thousands of Windows machines are experiencing Blue Screen of Death (BSOD) issues due to a recent faulty update from CrowdStrike, a leading cybersecurity provider. This problem has severely impacted businesses worldwide, causing PCs and servers to enter a recovery boot loop. In this article, we will guide you through resolving this BSOD issue using recovery mode on Windows machines and provide additional optional solutions to address the problem.

Aimbot Business Services

Aimbot Business Services offers IT support and services in Warsaw, Poland.

Contact Information:

• Website: aimbizit.com
• Email: [email protected], [email protected]
• Address: al. Jana Paw?a II 43A/37b, 01-001 Warszawa
• Phone: 729 251 331

Primary Solution: Fixing BSOD Using Recovery Mode

Step-by-Step Guide

If you are seeing the Recovery option Already due to Blue Screen of Death error ( see the Picture)

1. Access Advanced Recovery Mode by Clicking "See advance repair options"
2. Select "Troubleshoot" (Ref: ##11)
3. Select "Advanced Options"
4. Open "Command Prompt"
5. Enter BitLocker Recovery Key (if necessary) (if you are working in a Organization, Ask the Local IT or Service Desk for BitLocker Recovery Key)
6. Execute Below Commands in Command Prompt

Follow these commands step-by-step to locate and remove the problematic CrowdStrike driver file.

• Switch to the C: Drive ( you will see X:\sources> and after you will write following command.

X:\sources>C:        

• Navigate to the CrowdStrike Driver Directory:

cd \Windows\System32\drivers\CrowdStrike        

• Delete the Problematic File:

del c-00000291*.sys        

1. Verify File Deletion: ( if you see file not found, then you are good to go)

dir c-00000291*.sys        

1. Restart the Computer After executing the commands, restart your computer. It should now boot normally without encountering the BSOD related to CrowdStrike.

USB Recovery Media to go to recovery mode: ( if you don't see the Recovery Screen Automatically)

To create USB recovery media, see Create Windows Recovery Media for Your Dell Computer.

1. Insert the recovery media into a USB port or a DVD drive, depending on the format you used to create the recovery media.
2. Power the computer off.
3. Power on the computer and tap the following key several times at the logo screen to access the boot menu: Dell (F12), HP (Esc or F9), Lenovo (F12 or F11), ASUS (F8 or Esc), Acer (F12 or Esc), Toshiba (F12), then select your USB drive.
4. At the boot menu, select the device under UEFI BOOT that matches your media type (USB or DVD).

Now follow the steps from 2. Select "Troubleshoot" (Ref: ##11) in the first step and run the commands and restart the computer.

Optional Methods for Fixing BSOD Issues

If the primary solution does not resolve the issue, you can try the following alternative methods:

Optional Methods for Fixing BSOD Issues

If the primary solution does not resolve the issue, you can try the following alternative methods:

Method 1: Use Safe Mode

• Boot into Safe Mode

1. Restart your computer and press F8 or Shift+F8 before the Windows logo appears to access the boot menu.
2. Select "Safe Mode."

• Navigate to the CrowdStrike Driver Directory

1. Open Command Prompt as an administrator.
2. Follow the same commands as in the primary solution to delete the problematic file.

Method 2: Use System Restore

• Access Advanced Recovery Mode

1. Follow steps to reach "Advanced options."

• Select System Restore

1. Click "System Restore" and follow the prompts to restore your system to a point before the CrowdStrike update.

Method 3: Use Registry Editor to Block CSAgent Service

Access Advanced Recovery Mode

• After a few BSOD errors, you will see the recovery screen with the message: "It looks like Windows didn't load correctly."

1. Choose "See advanced repair options."

• Select Troubleshoot

1. Click "Troubleshoot" from the options.

• Select Advanced Options

1. Click "Advanced options."

• Boot into Safe Mode

1. Restart your computer and keep hitting the F8 key until the Advanced Boot Options menu appears.
2. Select "Safe Mode."

• Open Registry Editor

1. Press Win+R, type regedit, and press Enter to open the Windows Registry Editor.

• Navigate to CSAgent Service Path

1. In the Registry Editor, navigate to the following path:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CSAgent        

• Modify the Start Value

1. In the CSAgent key, locate the "Start" entry on the right pane.
2. Double-click on "Start" to edit its value.
3. Change the value data from "1" (automatic start) to "4" (disabled).
4. Click OK to save the changes.

Close the Registry Editor and Restart

Close the Registry Editor and restart your computer. This change will prevent the CSAgent service from starting automatically, allowing your system to boot normally.

Summary

1. Primary Solution: Use Advanced Recovery Mode to delete the problematic CrowdStrike driver file.
2. Optional Methods: Utilize Safe Mode, System Restore, or modify the Windows Registry to block the CSAgent service.

By following these steps, you can resolve the BSOD issue caused by the CrowdStrike update.

This guide ensures a straightforward approach to troubleshooting and fixing the problem, allowing your system to return to normal functionality.

About Aimbot Business Services

Overview: Aimbot Business Services Sp. z o.o. offers comprehensive computer support and IT services based in Warsaw, Poland. Founded in 2021, they provide a range of IT solutions including infrastructure development, desktop and network support, and remote IT services.

Key Services:

• IT Infrastructure Development
• IMAC (Install, Move, Add, Change) Services
• Decommissioning
• Break Fix Solutions
• Site Survey and Stock Inventory
• Audit Services
• Smart Hands for Remote IT Support

Contact Information:

• Website: aimbizit.com
• Email: [email protected] (Sales), [email protected] (HR)
• Address: al. Jana Paw?a II 43A/37b, 01-001 Warszawa
• Phone: 729 251 331
• Hours: Closed, Opens 7?AM Mon

Tags: BSOD, Blue Screen of Death, CrowdStrike Update, Windows Recovery, IT Solutions, Windows Troubleshooting, BitLocker, Command Prompt, Recovery Mode, System Crash Fix.