Microsoft users worldwide, including in India, are experiencing major IT outages, resulting in widespread instances of the dreaded Blue Screen of Death on their Windows devices. This incident is being recognized as one of the most extensive IT disturbances in recent years.
Today, Union Minister of IT and Electronics Ashwini Vaishnaw said that the government has consulted with the US tech company Microsoft regarding the IT outage that has taken multiple sectors under its severe effect across the world including India.
Ashwini took to his X handle to assure the IT fraternity of India and posted, “MEITY is in touch with Microsoft and its associates regarding the global outage. The reason for this outage has been identified and updates have been released to resolve the issue. CERT is issuing a technical advisory.”
He also stated that the NIC network is not impacted by the outage.
The Union Minister of IT and Electronics also released a CERT-In advisory related to the Microsoft outage. The advisory acknowledged that the Windows hosts running the Crowdstrike agent “Falcon Sensor” are experiencing outages and crashes due to a recent product update. While the affected Windows hosts are coming across the “BSOD (Blue Screen of Death)” linked with the Falcon Sensor.
The advisories also suggested the following steps for the users still facing crashes, difficulty staying online, and receiving Channel File Changes:
Boot Windows into Safe Mode or the Windows Recovery Environment
Navigate to the C:\Windows\System32\drivers\CrowdStrike directory
Locate the file matching “C-00000291*.sys”, and delete it.
Boot the host normally.
Furthermore, the advisories advise the users to check for the latest updates from the Crowd Strike portal. The mailing address of CrowdStrike is as follows as provided by the CERT-In Advisory:
"Our services are still seeing continuous improvements while we continue to take mitigation actions," Microsoft posted on X.
Today, multiple sectors across the globe were severely affected by the technical outage of Microsoft Windows and the American Cybersecurity firm Crowdstrike.
“There are two main issues on the agenda: The first is how customers get back online and regain continuity of business processes. It turns out that because the endpoints have crashed - the Blue Screen of Death - they cannot be updated remotely and this the problem must be solved manually, endpoint by endpoint. This is expected to be a process that will take days. The second is around what caused the malfunction. The range of possibilities ranges from human error - for instance a developer who downloaded an update without sufficient quality control - to the complex and intriguing scenario of a deep cyberattack, prepared ahead of time and involving an attacker activating a "doomsday command" or “kill switch”. CrowdStrike's analysis and updates in the coming days will be of the utmost interest,” notes Omer Grossman, Chief Information Officer (CIO) at CyberArk.
Alois Reitbauer, Chief AI Strategist, Dynatrace, emphasizes "When outages do occur, organizations need the capability to pinpoint root cause and remediate immediately. AI-driven approaches have become essential for complex IT operations to deploy as manual processes cannot keep up. A power of 3 approach to AI leveraging predictive, causal, and generative AI is increasingly critical to help organizations deliver the highest availability and performance of software as well as minimize disruption to end user experience."
Airlines and airports business is interrupted around the world, including India, the U.S., Germany, France, the U.K., the Netherlands, Australia, Singapore, China, Taiwan, and Japan. These countries are reporting problems retrieving boarding passes, check-in, and ticketing systems. Flights are delayed creating an atmosphere of chaos at airports.
The reports suggest that the London Stock Exchange in the UK has reported disturbance in its services. Along with that, the country’s clinical computer system of National Health Services was down refraining hundreds of people from calling to book an appointment.
UK news channel Sky News also faced trouble broadcasting live due to the outage as shared by David Rhodes, executive chairman of the firm.
Several companies’ employees from across the world reported problems starting their computers that leave greater impacts on the organizations. Microsoft claimed, “Users may notice that some of the affected users are seeing relief as we continue to mitigate the impact.” However, the outage has not completely vanished and the problems are still outpouring the systems.
The outage is an example of how weak our interconnected systems are. It is critical that organizations put more attention to business continuity efforts by preventing such outages. Srirang Srikantha, Founder & CEO, Yethi Consulting agrees"The outages represents how fragile and interconnected our systems are. Companies like MSFT have great practices, and the fact that a bug passes through its process is unfortunate. It reiterates the need for good practices of testing before releasing new software to production systems."
Such incidents underscore the importance of rigorous compatibility testing between security solutions and operating system updates to prevent widespread disruptions. Kumar Ritesh, CEO & Founder, CYFIRMA, suggests, “There are measures that can be put in place to avoid such disruptions. Before deploying any security update or software patch, create a testing environment that mirrors production systems. Test the update thoroughly in this environment to identify any compatibility issues or unexpected behavior. Avoid deploying updates across all systems simultaneously. Instead, roll them out gradually to a subset of machines.”
The current outage reinforces the importance of testing a release on certain systems. Jake Moore, Global Security Advisor at ESET, agrees, “Businesses must test their infrastructure and have multiple fail safes in place, however large the company is, this is typically referred to as a cyber-resilience plan. But as often is the case, it is simply impossible to simulate the size and magnitude of the issue in a safe environment without testing the actual network.”
Manoj Ajgaonkar, Partner, Digital, Trust and Transformation, Forvis Mazars in India, adds, “It is important to understand the critical nature of these disruptions and their impact on businesses. To safeguard our clients' interests and ensure resilience, it is crucial to address these issues proactively with robust backup systems, automated rollback mechanisms, rigorous testing of updates, and comprehensive business continuity plans. During such outages, systems are more vulnerable to cybersecurity threats, leading to potential data breaches and unauthorised access."
As the companies continue to suffer from this outage, it will be interesting to see how organizations realign themselves to prevent future incidents.
𝐒𝐭𝐚𝐲 𝐢𝐧𝐟𝐨𝐫𝐦𝐞𝐝 𝐰𝐢𝐭𝐡 𝐨𝐮𝐫 𝐥𝐚𝐭𝐞𝐬𝐭 𝐮𝐩𝐝𝐚𝐭𝐞𝐬 𝐛𝐲 𝐣𝐨𝐢𝐧𝐢𝐧𝐠 𝐭𝐡𝐞 WhatsApp Channel now! 👈📲
𝑭𝒐𝒍𝒍𝒐𝒘 𝑶𝒖𝒓 𝑺𝒐𝒄𝒊𝒂𝒍 𝑴𝒆𝒅𝒊𝒂 𝑷𝒂𝒈𝒆𝐬 👉 Facebook, LinkedIn, Twitter, Instagram
