Crowdstrike Security Software Causes Massive Blue Screen Crashes on Windows 10/11 Globally, with Solution Provided

Today, photos of Windows blue screen crashes were shared by netizens worldwide, with the error code PAGE_FAULT_IN_NONPAGED_AREA. It appears that the blue screen crashes were caused by the driver file csagent.sys, which belongs to the American cybersecurity company Crowdstrike.

Crowdstrike is an endpoint security software developed by the American software developer of the same name, mainly providing services like endpoint security protection, threat intelligence, and defense against cyber attacks for enterprises and institutions.

Currently, netizens in China, Japan, Australia, New Zealand, India, and other markets have posted photos of the blue screen crashes, affecting industries including but not limited to government websites, banks, libraries, and businesses. It seems that a software or virus database update released by Crowdstrike has caused compatibility issues.

For instance, the Australian Broadcasting Corporation had to broadcast prerecorded videos on a loop, citing a major network disruption. The National Cyber Security Coordinator of Australia responded that they were aware of a large-scale technical failure affecting many businesses and services in Australia.

A temporary solution to this problem is to prevent the Crowdstrike driver from starting in Safe Mode. For example, by renaming the C:\windows\system32\drivers\crowdstrike folder in Safe Mode, the compatibility-causing driver file cannot be called normally, and the system can return to normal use.

After receiving numerous user feedbacks, Crowdstrike issued a statement acknowledging the issue and stated they were addressing it. An engineer from the company mentioned on Reddit that they were in the process of revoking a change made by Crowdstrike that could cause blue screen crashes.