The Cabinet Division has released a cybersecurity advisory concerning a significant Windows outage affecting versions 10 and 11 worldwide. The disruption has been traced to a recent update of CrowdStrike’s Falcon Sensor, which has caused widespread system failures, including Blue Screen of Death (BSOD) loops, rendering affected systems inoperable.

Users have reported encountering repeated BSODs with the error message “DRIVER_OVERRAN_STACK_BUFFER,” preventing normal system boot and operation. The advisory notes that the impact has been particularly severe for large enterprises such as banks, airlines, hospitals, broadcasters, and other critical sectors. Some organizations have reported thousands of affected devices, including essential production servers, raising concerns about the continuity of vital services.

To mitigate the effects of the outage, the Cabinet Division advises users to implement backups and high availability measures for critical services, data, and systems. These precautions are recommended to minimize the impact of ongoing or future disruptions until a permanent solution is found.

To address the issue, affected users are instructed to boot Windows into Safe Mode or the Windows Recovery Environment and navigate to the directory C:\Windows\System32\Drivers\CrowdStrike. Users should then locate and delete the file matching C-00000291*.sys. After removing this file, users can attempt to boot Windows normally.

The advisory also suggests testing any CrowdStrike fixes in a controlled environment before deploying them to production systems to ensure stability. The Cabinet Division has urged the prompt dissemination of this advisory to all federal and provincial ministries, concerned departments, and affiliated entities.