
Bluescreen of Death 2024: Solutions for fast IT recovery

Cyber resilience via remote maintenance
Remotely repair “Blue Screen of Death” (BSOD)




A guest article by Christy Wyatt



The experts agree: The “Blue Screen of Death” (BSOD) during the Crowdstrike incident on July 19, 2024 was one of the largest IT outages in history. How can networks and endpoints become functional again as quickly as possible in the event of damage? With cyber resilience, which is ideally already anchored in the BIOS.

The Crowdstrike outage was the most serious Blue Screen of Death (BSOD) to date, but it will not be the last such event.

(Image: o_a – stock.adobe.com)

The most serious BSOD to date was triggered by a faulty update of a widely used security software from Crowdstrike. The result: airports had to cease operations, banks, telecommunications companies and broadcasters were paralyzed, critical infrastructure and clinics were affected, and screens in tens of thousands of companies around the world remained black for up to 48 hours. In all likelihood, this will not be the last event of this kind, as large-scale outages caused by software errors are always possible. There is also a risk of serious network outages caused by a whole range of other causes, such as deliberate attacks, malware or natural disasters.

An update to its Falcon security software, distributed by CrowdStrike, caused a critical memory error in Windows systems. This caused Windows to crash with a

One-click recovery from BIOS

At the beginning of August, at the international cyber security trade fair Black Hat 2024 in Las Vegas, Absolute Security introduced a new feature of its “Secure Endpoint” solution, which is factory-integrated at the BIOS level of 600 million PCs from leading endpoint manufacturers and only needs to be licensed for activation. The new feature from the US-based cyber resilience specialist enables customers to remotely repair endpoints affected by the recent BSOD incident, including identifying the associated corrupted files before they trigger a BSOD event. This new capability complements existing capabilities for remotely repairing and rehydrating PCs after failures caused by malware, ransomware, unauthorized access and technical errors.

Control over the entire PC fleet

Companies maintain control of their PC fleets with absolute and constant visibility, and receive comprehensive information about the security status of all their endpoints. On that basis they can establish a Comply-to-Connect zero-trust model and ensure that only endpoints that comply with security policies can connect to the company's networks, resources and data. This reduces the risk of errors in detecting and preventing threats, stops unauthorized access attempts and supports stable network connectivity.

Central task at the highest management level

Attacks and disruptions are inevitable – not all of them can be fended off. That's why more is needed than the usual cyber security. In addition to good hygiene with regular backups, companies are obliged to install consistent security controls on their devices, manage them and keep them up to date. Cyber resilience is about the ability to get back on your feet just as strong, if not stronger, after disruptions and attacks and to be able to return to everyday work quickly. Cyber resilience must be seen as a central task of the highest management level in companies. Clear plans are needed that are regularly reviewed and adjusted and that also specify which resources the company has at its disposal in the face of adverse circumstances. There is still a huge need to catch up and take action here.

Still too many resilience gaps

This statement is based on the Cyber Resilience Risk Index 2024. For this purpose, Absolute Security analyzed the telemetry data of millions of PCs from companies and public institutions worldwide that have more than 500 active end devices with Windows 10 or 11 in use, on which the software from the US cyber resilience specialist is licensed. It turned out that almost 14 percent of the devices examined were completely missing endpoint protection platforms (EPP), while on computers with a security solution, the EPP and the software for zero-trust network access (ZTNA) did not work in accordance with industry compliance standards, such as those required by the NIS-2 directive. Other major resilience gaps: companies often wait too long to apply the necessary patches and do not adhere to their own patch guidelines. In addition, more than 90 percent of the computers examined do not have sufficient RAM capacity, which will soon be necessary for the use of artificial intelligence.
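To make the two ideas above concrete, the Comply-to-Connect gating of endpoints and the resilience-gap analysis over fleet telemetry, here is an added example of the kind of check an IT team could run over its own inventory data. It is illustrative code written for this article, not Absolute Security's product or the Risk Index methodology; the telemetry records are constructed, and the patch SLA of 30 days and the 16 GB RAM floor are assumed thresholds, since the article gives no figures for either.

```python
"""Resilience-gap scoring and Comply-to-Connect decision over endpoint telemetry.

Added illustration, not Absolute Security's code. All thresholds are assumptions
and the sample fleet below is constructed, not real telemetry.
"""
from dataclasses import dataclass
from typing import Dict, List


@dataclass(frozen=True)
class Endpoint:
    hostname: str
    os_name: str                  # e.g. "Windows 11"
    epp_installed: bool           # endpoint protection platform present
    epp_healthy: bool             # EPP service running and reporting in
    ztna_compliant: bool          # ZTNA agent present and policy-compliant
    days_since_last_patch: int
    ram_gb: int


@dataclass(frozen=True)
class Policy:
    max_patch_age_days: int = 30             # assumed patch SLA
    min_ram_gb: int = 16                     # assumed "AI-ready" RAM floor
    allowed_os: tuple = ("Windows 10", "Windows 11")


def find_gaps(ep: Endpoint, policy: Policy) -> List[str]:
    """Return the list of resilience gaps found on one endpoint."""
    gaps: List[str] = []
    if ep.os_name not in policy.allowed_os:
        gaps.append("unsupported-os")
    if not ep.epp_installed:
        gaps.append("epp-missing")
    elif not ep.epp_healthy:
        gaps.append("epp-unhealthy")
    if not ep.ztna_compliant:
        gaps.append("ztna-noncompliant")
    if ep.days_since_last_patch > policy.max_patch_age_days:
        gaps.append("patch-overdue")
    if ep.ram_gb < policy.min_ram_gb:
        gaps.append("ram-insufficient")
    return gaps


# Gaps that deny network access under Comply-to-Connect. Insufficient RAM is a
# capacity-planning finding, not an access-control one, so it is reported but
# does not block.
BLOCKING_GAPS = {
    "unsupported-os", "epp-missing", "epp-unhealthy",
    "ztna-noncompliant", "patch-overdue",
}


def may_connect(ep: Endpoint, policy: Policy) -> bool:
    """Comply-to-Connect decision: True only if no blocking gap is present."""
    return not (set(find_gaps(ep, policy)) & BLOCKING_GAPS)


def fleet_summary(fleet: List[Endpoint], policy: Policy) -> Dict[str, float]:
    """Percentage of the fleet affected by each gap, plus the share that would be
    denied access under Comply-to-Connect."""
    total = len(fleet)
    counts: Dict[str, int] = {}
    blocked = 0
    for ep in fleet:
        for gap in find_gaps(ep, policy):
            counts[gap] = counts.get(gap, 0) + 1
        if not may_connect(ep, policy):
            blocked += 1
    summary = {f"pct_{g}": round(100.0 * n / total, 1) for g, n in counts.items()}
    summary["pct_blocked"] = round(100.0 * blocked / total, 1)
    summary["total"] = total
    return summary


# Constructed sample telemetry (hypothetical hosts, not real data).
SAMPLE_FLEET = [
    Endpoint("ws-01", "Windows 11", True, True, True, 5, 32),
    Endpoint("ws-02", "Windows 10", True, True, True, 12, 16),
    Endpoint("ws-03", "Windows 11", False, False, True, 40, 8),
    Endpoint("ws-04", "Windows 11", True, False, False, 3, 16),
    Endpoint("ws-05", "Windows 10", True, True, False, 60, 8),
    Endpoint("ws-06", "Windows 11", True, True, True, 45, 32),
    Endpoint("ws-07", "Windows 11", True, True, True, 1, 8),
    Endpoint("ws-08", "Windows 7", True, True, True, 200, 4),
]

if __name__ == "__main__":
    policy = Policy()
    for ep in SAMPLE_FLEET:
        print(ep.hostname, "connect" if may_connect(ep, policy) else "DENY",
              find_gaps(ep, policy))
    print(fleet_summary(SAMPLE_FLEET, policy))
```

Separating the gap list from the connect decision matters in practice: every finding feeds the resilience report that management reviews, while only the subset that actually weakens the security posture should cut a device off the network, otherwise the control punishes users for a hardware shortfall they cannot fix themselves.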

Crowdstrike published a guide for users to fix the problem and delete the faulty file from their computers. The steps would have to be carried out individually and manually on each computer. (©AddMeshCube – stock.adobe.com)

Reliability can only be ensured jointly

Resilience to failure, as part of the IT resilience of companies, must be the top priority in the modern digital world, and this can only be achieved together. It should not be about stigmatizing affected companies – on the contrary: we are all connected. If one of us or one industry has a problem, many partners must work together to solve it. We should always be aware that a blue screen of death or other failures can bring any company to a standstill.

About the author: Christy Wyatt, CEO of Absolute Security, expects further major IT outages and is therefore increasingly focusing on cyber resilience, ideally at the BIOS level.

Cybercriminals are using malicious domains that claim to provide assistance in dealing with the IT outage caused by a faulty CrowdStrike update. (Image: Dall-E / AI-generated)
