Windows Blue Screen of Death hits millions in Microsoft and CrowdStrike outage — what you need to know

Windows Blue Screen of Death
(Image credit: Lea Rae / Shutterstock)

This has not been a good day for literally any Windows PC on Earth. Businesses have been affected by a glitchy CrowdStrike security update, which is causing Windows computers to be hit by the Blue Screen of Death.

Normally, this was just isolated to an individual user’s frustrations, which are fixed by entering System Recovery. But the scope of this is so massive, that it’s impacting airlines, banks, TV channels, and even emergency services. You can follow along with the latest on this outage on our live blog.

What I want to do is take you through everything we know — what has happened so far, who has been hit, why has it happened, and what the potential fix is.

A short timeline of events

  • At around 12:15am ET on Friday morning, mass outages were being reported on Down Detector — citing a Blue Screen of Death across a whole lot of IT systems. Australia’s home affairs minister said the outage seemed to be related to a Crowdstrike issue.
  • Following this, several companies, including airports, banks and media companies went down. Updates were posted on social media, pointing towards issues with Microsoft and Crowdstrike services.
  • At 10:45am ET, Crowdstrike’s CEO posted a statement saying a “defect” was found in “a single content update to Windows hosts,” and that a “fix has been deployed.” Not much is known about the progress of said fix, as millions are still being hit hard by this.

Who is impacted?

This mass IT outage has hit a lot of companies across the globe. We’ve got a list of businesses and public services that you can check to see if they’ve been impacted.

Fortunately, it’s not *every* type of computer, as Mac and Linux users are not affected by this issue

How did it happen?

Specific details of what caused this are a little thin on the ground, but it seems to be a one-two punch of CrowdStrike and Microsoft. Based on early reports, the former seems to have been down to a security update, which packed a bug that knocked out systems.

Separately, Microsoft services also went down due to “Azure backend workloads,” which caused “connectivity failures.”

Is there a fix?

Sort of. From a global perspective, this is going to take a while. CrowdStrike CEO George Kurtz has issued a statement about it saying it is “not a cyberattack, and that the team is “fully mobilized to ensure the security and stability” of its customers.

However, as The Verge’s Tom Warren correctly points out here, the fix CrowdStrike is deploying requires machines to be online, which is… let’s say unlikely given what has happened.

On top of that, there’s concerns that this issue will require a “human visit to every machine,” to reboot every machine with a USB stick. So be extra nice to your IT admins today — they’ve got a mountain ahead of them!

However, there are three different workarounds — one published by CrowdStrike itself and two from Neowin that may work. If you’re experiencing this yourself, follow the steps below.

Method 1

  • Startup your Windows PC in Safe Mode
  • Head over to C:\Windows\System32\drivers\CrowdStrike in the File explorer
  • Search for a file called "C-00000291*.sys" and delete it
  • Restart the PC in regular mode

Method 2

  • Open Command Prompt from Recovery options
  • Head over to C:\Windows\System32\Drivers
  • Change the name of CrowdStrike to Crowdstrike_Old
  • Restart the PC

Method 3

  • Startup your Windows PC in Safe Mode
  • Open Windows Registry
  • To disable the csagent.sys from loading that seems to be causing the impact, you need to edit the following key “HKLM:\SYSTEM\CurrentControlSet\Services\CSAgent\Start” from a 1 to a 4
  • Restart the PC

Let us know in the comments if any of these options don’t work!

More from Tom's Guide

Network
Arrow
Intego
Norton
Contract Length
Arrow
Showing 2 of 2 deals
Filters
Arrow
TOPICS
Jason England
Managing Editor — Computing

Jason brings a decade of tech and gaming journalism experience to his role as a Managing Editor of Computing at Tom's Guide. He has previously written for Laptop Mag, Tom's Hardware, Kotaku, Stuff and BBC Science Focus. In his spare time, you'll find Jason looking for good dogs to pet or thinking about eating pizza if he isn't already.

Read more
Windows
240 million Windows 10 users are vulnerable to six different hacker exploits — protect yourself now
laptop anger
Latest Windows 11 update reportedly breaking major parts of the operating system
Slack
Slack was down — latest updates on massive outage
How to disable the Windows key
Microsoft patches over 160 security flaws including 3 active zero days — update your PC right now
A hacker typing quickly on a keyboard
Hackers are posing as Apple and Google to infect Macs with malware — don’t fall for these fake browser updates
Elon Musk next to the X logo for the social media network that used to be called Twitter
X was down — live updates on outage Musk blames on ‘massive cyberattack’
Latest in Computing
A picture of a skull and bones on a smartphone depicting malware
Hundreds of malicious Android apps with 60 million downloads found spamming Android users with ads and stealing credentials
Hacker typing on laptop in darkened room
Hackers create "BRUTED" tool to attack VPNs – how to stay safe
Malware
Dangerous new password-stealing trojan automatically reinstalls itself on infected PCs
HP OmniBook
HP’s new OmniBook lineup looks set to smash AI laptop price barriers — that’s a good thing if the company keeps up its end of the deal
nvidia presenting
Nvidia GTC 2025 live — Jensen Huang on what's next in AI, robotics and accelerated computing
NordProtect logo on black background
NordVPN's NordProtect cyber insurance goes solo – and adds a key new feature
Latest in News
NYTimes Connections
NYT Connections today hints and answers — Wednesday, March 19 (#647)
Chromecast with Google TV connected to display
Google finally pushes out full Chromecast fix for users who factory reset — here’s what to do
A picture of a skull and bones on a smartphone depicting malware
Hundreds of malicious Android apps with 60 million downloads found spamming Android users with ads and stealing credentials
Switch 2 console and logo
Nintendo Switch 2 rumor just tipped possible release date — and it's much sooner than we thought
Hacker typing on laptop in darkened room
Hackers create "BRUTED" tool to attack VPNs – how to stay safe
Malware
Dangerous new password-stealing trojan automatically reinstalls itself on infected PCs