 |
|
| 07-19-2024, 04:39 AM | #1 |
|
Moderator
31503
Rep 13,307
Posts |
CrowdStrike update BSOD calamity (worldwide)
CrowdStrike update BSOD calamity (worldwide):
"Global IT outage live: Computer havoc caused by Crowdstrike outage could take days to fix" https://www.abc.net.au/news/2024-07-...alia/104119960 "Global tech outages hit airlines, banks and businesses" https://edition.cnn.com/business/liv...hnk/index.html "Travel, banking and businesses hit after software bug causes worldwide IT chaos" https://www.bbc.com/news/live/cnk4jdwp49et "CrowdStrike Windows Outage—What Happened And What To Do Next" https://www.forbes.com/sites/kateofl...at-to-do-next/ "Major Windows BSOD issue takes banks, airlines, and broadcasters offline / A faulty update from cybersecurity provider CrowdStrike is responsible for the global outage." https://www.theverge.com/2024/7/19/2...e-outage-issue "BSOD error in latest crowdstrike update": https://www.reddit.com/r/crowdstrike...strike_update/
__________________
///M is art ↔ Artemis
|
| 07-19-2024, 06:27 AM | #2 |
|
Major General
 
10574
Rep 8,879
Posts |
it seems like there is some new tech related mess all the time now...
i am not a tech guy but Crowdstrike is a cybersecurity company... presumably if they have an outage... i don't see how this affects the core systems of a number of companies... unless it is a hack?
__________________
2 x N54 -> 1 x N55 -> 1 x S55-> 1 x B58
Last edited by ASAP; 07-19-2024 at 06:32 AM.. |
|
Appreciate
0
|
| 07-19-2024, 06:44 AM | #3 | |
|
Major
 
1489
Rep 1,432
Posts |
Quote:
|
|
| 07-19-2024, 07:07 AM | #4 | |
|
Brigadier General
11511
Rep 4,856
Posts |
Quote:
__________________
Current: 2018 SO/SS F83 ZCP
Gone: 2015 SO/SO F82 |
|
|
Appreciate
8
ASAP10573.50 cmyx6go16580.00 vreihen1619086.50 spazzyfry1234639.50 2000cs3755.50 jessejericho395.50 dmatre735.00 Buug95921298.50 |
| 07-19-2024, 07:13 AM | #5 | |
|
Brigadier General
5471
Rep 3,292
Posts |
Read through the Forbes article on this. It's from a faulty update from Crowdstrike. I don't have any personal hands on experience with Crowdstrike. But from what I gather, the installed agents on the end points do automatic updates when available from Crowdstrike. Crowdstrike is a cloud based security platform. So this is why the impact has been pretty massive.
A fix has been identified but requires booting into Safe mode and then going to a specific directory on the PC/server to delete a specific file. So far there's no automated way of doing this so it's going to be a long manual process until Crowdstrike figures something out. This is what we in the IT world call an RGE (resume generating event). And someone(s) is going to have a bad meeting with management/HR. I'm stunned that this wasn't identified in beta testing before being pushed out as a production/general release. Don't know how Crowdstrike is going to handle the ire of customers with real significant monetary loses due to this.
__________________
Quote:
|
|
| 07-19-2024, 07:14 AM | #6 |
|
Weirdo
458
Rep 191
Posts |
On the plus side, if the computers can't boot, they can't get hacked.
|
|
Appreciate
4
|
| 07-19-2024, 07:45 AM | #7 |
|
First Lieutenant
 
437
Rep 316
Posts |
Back in 2004 the computer security company that I worked for had exactly the same issue. (I won't name the company, but it was one of the big ones). We produced virus definition files every day (sometimes multiple times per day) which allowed the AV software to detect new viruses. These definition files are (were) created by an automated process and were QA tested before being deployed into the field - but due to the quick turnaround, corners were obviously cut during QA.
On that particular day, the update was created and started being downloaded and consumed by our software on computers around the world. Unfortunately, we incorrectly identified a Windows system file as being infected, and so that file was "quarantined" and moved from it's System folder, to our quarantine location. End result: the sh!t hit the fan. And quickly. Any Windows PC would blue screen on the next bootup as that system file was no longer present. This sounds very similar to what has happened with Crowdstrike today... I worked in tech support back then, and our phones were red hot for days! We subsequently revised our QA processes and made them much more robust. Individuals lost their jobs, also. And I'm guessing something similar will happen at Crowdstrike... |
|
Appreciate
4
|
| 07-19-2024, 07:58 AM | #8 | |
|
Moderator
31503
Rep 13,307
Posts |
Quote:
(source: https://www.abc.net.au/news/2024-07-...alia/104119960)
__________________
///M is art ↔ Artemis
|
|
| 07-19-2024, 08:06 AM | #9 |
|
Recovering Perfectionist
19087
Rep 982
Posts |
As I said to my DW when I heard the talking heads on the morning TV news opening with this news as their headline, I'm glad that I was involuntarily retired from the IT business a few weeks ago.
Back to my nap..... 
__________________
Currently BMW-less.
 |
|
Appreciate
13
zx10guy5470.50 cmyx6go16580.00 BMWGUYinCO4295.50 RickFLM411511.00 NoMoreVauxhalls437.00 T0RM3NT4425.00 2000cs3755.50 DocL2047.00 SW111473.50 Car-Addicted8216.50 dradernh4807.00 Buug95921298.50 Samurai of 2day2285.50 |
| 07-19-2024, 08:28 AM | #10 |
|
Major
7668
Rep 1,256
Posts Drives: 04 z4 3.0 Sport & 15 X5 35i XD Join Date: Aug 2013
Location: Sedalia, MO
|
Secret Service right now going WHEW!!!!!!
__________________
2015 X5 XDrive 35i - 2004 Z4 3.0 Sport
|
|
Appreciate
6
|
| 07-19-2024, 08:35 AM | #11 | ||
|
Brigadier General
5471
Rep 3,292
Posts |
Quote:
1. Boot Windows into Safe Mode or WRE. 2. Go to C:\Windows\System32\drivers\CrowdStrike 3. Locate and delete file matching "C-00000291*.sys" 4. Boot normally. This isn't a Windows system file that was mistakenly determined as a malicious file. This all points to an update CrowdStrike pushed down that caused an issue with their software that has hooks into the Windows kernel that is causing the BSOD and boot loops.
__________________
Quote:
|
||
|
Appreciate
2
NoMoreVauxhalls437.00 vreihen1619086.50 |
| 07-19-2024, 09:02 AM | #12 |
|
Lieutenant Colonel
 
4640
Rep 1,929
Posts Drives: Here and There Join Date: Jul 2013
Location: North Georgia Mountains
iTrader: (1)
Garage List 98 Lexus LS400 [10.00]
16 Toyota Land Cruiser [10.00] 97 Toyota Land Cruiser [8.33] 11 BMW E90 M3 Stripper [10.00] |
Things aren’t so great here on the healthcare side of the fence…
|
|
Appreciate
2
vreihen1619086.50 BMWGUYinCO4295.50 |
| 07-19-2024, 09:19 AM | #13 | |
|
First Lieutenant
437
Rep 316
Posts |
Quote:
Hopefully Crowdstrike learn a hard lesson from this and fully review their QA processes going forward. |
|
|
Appreciate
1
zx10guy5470.50 |
| 07-19-2024, 09:42 AM | #14 |
|
Moderator
31503
Rep 13,307
Posts |
__________________
///M is art ↔ Artemis
|
|
Appreciate
2
vreihen1619086.50 BMWGUYinCO4295.50 |
| 07-19-2024, 11:56 AM | #15 | |
|
Major
2527
Rep 1,476
Posts |
Quote:
__________________
2024 M2
2019 M240i- Sold |
|
|
Appreciate
0
|
| 07-19-2024, 12:16 PM | #16 |
|
Moderator
31503
Rep 13,307
Posts |
__________________
///M is art ↔ Artemis
|
Post Reply |
| Bookmarks |
|
|
