Windows 11 24H2 Issues: Falcon Sensor Affects App Functionality

  • Thread Author
In a recent advisory from Microsoft, users of Windows 11, version 24H2 may experience functionality issues with first-party and third-party applications, primarily influenced by the integration of Falcon sensor software from CrowdStrike. This problem stems from specific settings within the antimalware security solutions that, when enabled, could result in applications like Microsoft Word and Excel ceasing to respond.

Understanding the Issue​

Following the installation of Windows 11, version 24H2, there has been a notable rise in reports from organizations claiming that their applications begin to hang or stop working entirely. This issue seems to particularly affect those devices that have the following conditions in place:
  • CrowdStrike’s Falcon Sensor: This software, designed to enhance security by monitoring and managing potential threats, is crucial for businesses but may introduce complications depending on its configuration.
  • Enabled Enhanced Exploitation Visibility Prevention Policy: This specific setting within the security policy can interfere with application performance, leading to the reported issues.
Notably, the problems primarily emerged after fresh installations or in-place upgrades to version 24H2, raising questions about the compatibility of certain security solutions with this latest Windows release.

Who Is Affected?​

This situation predominantly affects organizations and managed IT environments. As a consumer operating on Home or Pro versions on personal devices not overseen by an IT department, you are unlikely to experience these issues. This limitation further emphasizes the importance of tailored security settings in enterprise environments, where the stakes of cybersecurity are often higher.

Current Status and Mitigation​

As of now, the situation has been classified as mitigated, indicating that there are active resolutions in play. CrowdStrike has taken proactive steps by temporarily disabling the Enhanced Exploitation Visibility Prevention Policy setting on devices running Windows 11, version 24H2. This should alleviate some of the immediate concerns while both Microsoft and CrowdStrike collaborate on a more comprehensive fix.

Recommendations for Users​

  1. Monitor Application Performance: If you're in a managed IT environment using Windows 11, be aware of the potential for applications to behave unexpectedly after upgrades to version 24H2.
  2. Consult IT Support: Organizations should maintain communication with their IT departments to ensure that any changes to security policies are promptly addressed to prevent application issues.
  3. Stay Updated: Keep an eye out for updates from Microsoft and CrowdStrike regarding this situation, especially as they work towards a long-term solution.

What's Next?​

Microsoft has assured users that they will update the documentation when further details or resolutions are available. Continuous collaboration between Microsoft and CrowdStrike will hopefully lead to a swift resolution to this compatibility issue, ensuring that Windows users can run their applications without disruption.
In the ever-evolving landscape of cybersecurity and software functionality, keeping your systems updated and being aware of compatibility issues is key to maintaining productivity and security. As always, remain vigilant and proactive in managing your digital environment.
For further information, you can view the complete advisory provided by Microsoft here.
Source: Microsoft Support Apps might stop working on Windows 11, version 24H2 devices with Falcon sensor - Microsoft Support
 


Back
Top