Following Microsoft outage, CERT-In issues guidelines for system security
Hyderabad: Following the outage of Microsoft Windows due to crowd strike agent Falcon Sensor, several services were affected throughout the world including the air services. Especially air passengers throughout the country including Rajiv Gandhi International airport (RGIA) were mostly affected.
The Crowd strike update is breaking computers running Windows, causing them to crash and display the Blue Screen of Death. Companies around the world have been unable to reboot.Indian Computer Emergency Response Team (CERT-In) the national nodal agency for responding to computer security incidents issued a guideline to be followed. Cert-In which issues warning in situations like these rated the outage as ‘critical’ and said, “It has been reported that Windows hosts related to Crowd strike agent Falcon Sensor, are facing outages and getting crashed due to ro received in the product. The concerned windows hosts are experiencing a Blue Screen of Death (BSOD), related to Falcon Sensor.”
The issues occurred in the latest update of CrowdStrike and the changes have been reverted by the Crowd Strike Team. If hosts are still crashing and unable to stay online to receive the Channel File Changes, the following steps can be used as work around, said CERT-in in an official statement
CERT-In issued a series of guidelines to be followed – “ Step1: Boot Windows into Safe Mode or the Windows Recovery Environment,Step 2: Navigate to the C:\Windows\System32\drivers CrowdStrike directory, Step 3: Locate the file matching “C-00000291 sys”, and delete it. Step 4: Boot the host normally”.
Union Minister of Railway and Information & Broadcasting, Ashwini Vaishnav said, “MEITY is in touch with Microsoft and its associates regarding the global outage.The reason for this outage has been identified and updates have been released to resolve the issue. CERT is issuing a technical advisory.NIC network is not affected”.
