News/Tech News

BSODs, boot loops in Windows confirmed by VMware

Published on Aug 25, 2022

A VMware update on some versions of its Carbon Black endpoint solution is causing BSODs and boot loops on Windows machines, according to multiple organisation.

Several PCs began booting into blue screens with the stop code PFN_LIST_CORRUPT. This was apparently caused by a change in ruleset by the company, which agreed to be acquired by Broadcom in May.

It was reported on Twitter that threat hunter Tim Geschwindt was aware of 50 organisation experiencing the problem, and that Carbon Black’s endpoint solution was causing “blue screens of death” for devices with sensor versions (later extending to a broader range of sensors). It appears that the BSODs began at 1430 UTC.

According to one admin on Reddit, “servers and workstations are bluescreening ‘PFN_LIST_CORRUPT’,” while another claims VMware has informed them they are inundated.

According to VMware’s Knowledge Base article, the cause is updated threat research rulesets rolled out to US East, Asia Pacific, and EU cloud regions, which have not caused any problems in internal testing.

VMware says the problem affects devices running sensor versions 3.6.x.x to 3.7.x.x.

It promises that machines will “get the updated ruleset and auto-resolve” as soon as they check in at the VMware Explore event in San Francisco next week.

Admins have been instructed to place affected devices into bypass mode via the Carbon Black Cloud Console to allow them to boot successfully and have the ruleset removed, though a “small subset” may require an additional workaround, so a support ticket should be opened. The Knowledge Base has more information, and Carbon Black users should check for updates.

Tech News

Linux cryptominers

Linux cryptominers found in 241 npm and PyPI packages

The PyPI and npm open source registries have been infiltrated by more than 200 malicious packages this week. Each of these packages downloads a Bash script on Linux…

Spring Authorization Server

In November 2022, Spring Authorization Server 1.0 will be released

A GA release of Spring Authorisation Server 1.0 is planned for November 2022, just over two years after it was introduced to the Java community…

Our Latest Blog

Unlock Your Potential with a Level 5 Diploma in Business London's Top Courses img

Unlock Your Potential with a Level 5 Diploma in Business: London’s Top Courses

Are you looking to enhance your knowledge and skills in the field of business? Do...
Read More
Unlock Your Potential with Level 4 Diploma in Business Courses in London img

Unlock Your Potential with Level 4 Diploma in Business Courses in London

Are you looking for a comprehensive course to take your business career to the next...
Read More

Follow Us


Browse LSET presentations to understand interesting…

Explore Now

Get complete guides to empower yourself academically…

Explore Now

Learn about information technology and business…

Explore Now