Symptoms
- Blue Screen of Death (BSOD): Frequent crashes during boot or operation.
- System inaccessibility: Users are unable to access published desktops or applications.
- Performance degradation: Significant system slowdowns or freezes.
Cause
A CrowdStrike content update introduced conflicts and errors in Windows hosts, causing widespread system instability.
Resolution
To address the BSOD issue caused by the CrowdStrike update, the following remediation steps can be taken:
- Reboot in safe mode: Press F8 or Shift + F8, remove the problematic file per CrowdStrike's instructions, and restart the host.
- Attach the disk to another VM: Detach the affected disk, attach it to a healthy VM, remove the problematic file, and reattach it to the original VM.
- Rollback with RAS: Use RAS template versioning to revert to a stable state. Refer to Image management (template versioning & provisioning updates.
- Revert snapshots/backups: Restore from a snapshot or backup taken before the 7/19 update and verify that system functions as expected.
If you have altered the hardware profile, for example, changed the VM or NIC of the Primary Connection Broker, you might need to reactivate RAS.
Note: This requirement is not directly related to the CrowdStrike update. Reactivation is always necessary if the hardware profile of the Primary Connection Broker is changed. This applies specifically to the Primary Connection Broker of the Licensing Site.
Was this article helpful?
Tell us how we can improve it.