<div>Update: The initial estimate of 5000 impacted desktops is down to<strong> 230</strong> managed and unmanaged systems as of noon ET, Thursday, August 1, 2024. IT teams continue to triage and resolve as problem tickets are submitted.<br><br>The CIT Endpoint Infrastructure and Engineering tool has been deployed. IT staff are ready to help during regular business hours when you <a href="https://it.cornell.edu/support">contact the IT Service Desk</a>.<br><br><a href="https://www.crowdstrike.com/falcon-content-update-remediation-and-guidan... has provided an explanation</a> for what went wrong.<br><br> Resources and the back story follow.<br><br>Resources:<br><br></div><div>Web pages we are using to document fixes and track systems that are down. NOTE: for individual desktops, administrative access is required to use the fix instructions.</div><ul><li>How to fix Win Blue screen: <a href="https://it.cornell.edu/endpoint-mgmt/crowdstrike-bluescreen">https://it.... </a> </li><li>BitLocker Recovery Key: <a href="https://it.cornell.edu/bitlocker/bitlocker-get-recovery-key">https://it.... </li><li>Down systems: <a href="https://it.cornell.edu/endpoint-mgmt/down-windows-systems">https://it.co... </li><li>From Microsoft, start in safe mode: <a href="https://support.microsoft.com/en-us/windows/start-your-pc-in-safe-mode-i... </li></ul><div><br>There are zero reported down systems or Windows PC Zoom rooms at this time.</div><div><br>If you are aware of a down system or Windows PC Zoom room, please contact the IT Service Desk: <a href="https://it.cornell.edu/support">https://it.cornell.edu/support</a> ... story:<br>This is part of a large-scale technology incident, primarily affecting Microsoft Windows machines. This issue is part of a global outage caused by a problematic update from one of the nation’s largest anti-virus software providers, CrowdStrike.<br><br>Overnight, the vendor stopped deployment of the update, corrected the problematic code, and started sending a new patch. Our IT teams have successfully recovered many critical systems, including those enabling single sign-on and multi-factor authentication. Major systems like Epic, Canvas, email, and SAP are functioning, however, we are still finding some affected systems. The workaround on servers is imperfect and will need additional work to fully correct once we have better information from the vendors.<br><br>For impacted customers, the error message begins, "Your PC ran into a problem and needs to restart." Computers that were not turned on when the update was delivered have not been affected, because CrowdStrike has stopped distributing that update.<br><br></div>