Security News > 2022 > August > VMware confirms Carbon Black causes BSODs, boot loops on Windows

VMware has admitted an update on some versions of its Carbon Black endpoint solution is responsible for BSODs and boot loops on Windows machines after multiple organizations were affected by the problem.

The problem surfaced yesterday, with threat hunter Tim Geschwindt stating on Twitter he knew of about 50 organizations struggling with the issue, and saying the Carbon Black endpoint solution was "Causing blue screens of death for devices running sensor version 3.7.0.1253".

The virtualization giant, which hosts its VMware Explore event in San Francisco next week, has rolled back the rulesets, and promises that as machines check in, they will "Get the updated ruleset and auto-resolve."

Admins have been told to place affected devices into bypass mode via the Carbon Black Cloud Console to allow them to boot successfully and have the ruleset removed, although a "Small subset" may require an additional workaround and those looking after them should open a support ticket.

There's more information in the Knowledge Base, and Carbon Black users should check for updates.

Tech analysts at Gartner have predicted that VMware's new owner, Broadcom, may rationalize some products, noting that both Symantec and the Carbon Black unit offer endpoint protection products.

News URL

https://go.theregister.com/feed/www.theregister.com/2022/08/24/vmware_carbon_black_boot_loop/