Earlier today, almost the entire enterprise and business sector running Windows PCs got hit by a buggy Crowdstrike Falcon sensor software update. This would lead to BSODs (blue screen of deaths) on such affected systems with an error message "csagent.sys (PAGE_FAULT_IN_NONEPAGED_AREA)." Crowdstrike Falcon sensor SOAR (Security Orchestration, Automation and Response) is an endpoint security solution by the firm intended to prevent malware and various cyberattacks.
The official Microsoft 365 Status X handle also declared that it was aware of the global outage and that the bug was being tracked under ID WP821561 in the Microsoft 365 admin center.
We"re aware of an issue with Windows 365 Cloud PCs caused by a recent update to CrowdStrike Falcon Sensor software. This is being communicated under WP821561 in the admin center. (Cont...)
— Microsoft 365 Status (@MSFT365Status) July 19, 2024
Since then Crowdstrike has also offered workarounds and solutions to the issue that we covered in detail separately in this dedicated article.
Crowdstrike has stated that the issue has been identified and a fix has been deployed. The CEO of the cybersecurity firm has apologized but has also said that it "could be some time" for all affected systems to fully recover.
Meanwhile, Microsoft has been updating its own X post with updates regarding the outage. As is usually the case, one of the things that generally works when faced with a botched update is to roll back the system to a previously working restore point.
The tech giant said:
To fix this, users may restore their Windows 365 Cloud PC to a known good state prior to the release of the update (July 19, 2024)
As such, the company has linked to two support documents on its official websites that details how to restore systems to their previous working state in case you are still unable to recover from the Falcon outage.
You can visit the links listed above to know more about restoring systems prior to the release of the update (July 19, 2024) 0409 UTC.