Security News > 2022 > August > VMware Carbon Black causing BSOD crashes on Windows

VMware Carbon Black causing BSOD crashes on Windows
2022-08-23 21:42

Windows servers and workstations at dozens of organizations started to crash earlier today because of an issue caused by certain versions of VMware's Carbon Black endpoint security solution.

The root of the problem is a ruleset deployed today to Carbon Black Cloud Sensor 3.6.0.1979 - 3.8.0.398 that causes devices to crash and show a blue screen at startup, denying access to them.

Tim Geschwindt, an incident responder for S-RM Cyber, told BleepingComputer that starting at 15:30, clients started to complain that their servers and workstations were crashing and suspected Carbon Black to be at fault.

The researcher determined that all clients running Carbon Black sensor 3.7.0.1253 were affected.

As a temporary workaround, VMware recommends putting sensors into Bypass mode via Carbon Black Cloud Console.

"VMware Carbon Black is aware of an issue affecting a limited number of customer endpoints, where certain older sensor versions were impacted by an update of our behavioral preventative capabilities. The issue has been identified and corrected, and VMware Carbon Black is working with impacted customers."


News URL

https://www.bleepingcomputer.com/news/security/vmware-carbon-black-causing-bsod-crashes-on-windows/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Vmware 146 11 222 256 102 591