
It’s been quite the day with Crowdstrike seemingly releasing an update that bricks a subset of Windows devices. This has caused chaos across the world with services from airlines, banks, TV channels, and more grinding to a halt. I’ll put a full writeup together when we better understand what happened but here are the troubleshooting steps if you’re affected.
Troubleshooting
Crowdstrike themselves have released a statement saying that ‘rebooting multiple times’ has helped fix the issue. Some users have reported after around 15 reboots the issue goes away. If this doesn’t work then try the following.
- Get to the recovery way through any way possible. You may need to cycle through blue screen of deaths multiple times, press F11 (or F9, F12 depending on device), or using a Windows Recovery Bootable USB drive.
- If you have Bitlocker Enabled Perform Steps 2-4, otherwise skip to 5: Navigate to Troubleshoot > Advanced Options > Startup Settings
- Press Restart
- Skip the first and second Bitlocker recovery kay prompts by clicking Esc and then Skip this Drive (bottom right)
- Navigate to Troubleshoot > Advanced Options > Command Prompt
- Type ‘bcdedit /set {default} safeboot minimal’ and press enter
- Close the Command Prompt window and press continue so the computer restarts
- The computer will restart, sometimes multiple times
- You should have booted into safe mode
- Log in as usual
- Open Windows Explorer and navigate to C:\Windows\System32\drivers\Crowdstrike
- Delete the file causing the issue. It begins with ‘C-00000201* and has a .sys file extension)
- Open Command Prompt as an administrator (right click run as administrator)
- Type ‘bcdedit /deletevalue {default} safeboot’ to turn safe boot off and press enter
- Restart as usual
- Fixed!
Thanks for reading and let me know how you’ve been affected by the outage in the comments.
I’m now offering paid consultancy calls to discuss all things Workplace Tech. If you need help with your IT strategy, SaaS automations, MDM rollout, and more book a call with me today!