07-19-2024, 05:39 AM | #1 |
Moderator
CrowdStrike update BSOD calamity (worldwide)
"Global IT outage live: Computer havoc caused by Crowdstrike outage could take days to fix" https://www.abc.net.au/news/2024-07-...alia/104119960
"Global tech outages hit airlines, banks and businesses" https://edition.cnn.com/business/liv...hnk/index.html
"Travel, banking and businesses hit after software bug causes worldwide IT chaos" https://www.bbc.com/news/live/cnk4jdwp49et
"CrowdStrike Windows Outage—What Happened And What To Do Next" https://www.forbes.com/sites/kateofl...at-to-do-next/
"Major Windows BSOD issue takes banks, airlines, and broadcasters offline / A faulty update from cybersecurity provider CrowdStrike is responsible for the global outage." https://www.theverge.com/2024/7/19/2...e-outage-issue
"BSOD error in latest crowdstrike update": https://www.reddit.com/r/crowdstrike...strike_update/
__________________
///M is art ↔ Artemis
07-19-2024, 07:27 AM | #2 |
Major General
It seems like there is some new tech-related mess all the time now...
I am not a tech guy but CrowdStrike is a cybersecurity company... presumably if they have an outage... I don't see how this affects the core systems of a number of companies... unless it is a hack?
__________________
2 x N54 -> 1 x N55 -> 1 x S55-> 1 x B58
Last edited by ASAP; 07-19-2024 at 07:32 AM.. |
07-19-2024, 07:44 AM | #3 | |
Lieutenant Colonel
Quote:
07-19-2024, 08:07 AM | #4 | |
Brigadier General
Quote:
__________________
Current: 2018 SO/SS F83 ZCP
Gone: 2015 SO/SO F82 |
07-19-2024, 08:13 AM | #5 |
Brigadier General
Read through the Forbes article on this. It's from a faulty update from CrowdStrike. I don't have any personal hands-on experience with CrowdStrike. But from what I gather, the installed agents on the endpoints do automatic updates when available from CrowdStrike. CrowdStrike is a cloud-based security platform. So this is why the impact has been pretty massive.
A fix has been identified but requires booting into Safe Mode and then going to a specific directory on the PC/server to delete a specific file. So far there's no automated way of doing this so it's going to be a long manual process until CrowdStrike figures something out. This is what we in the IT world call an RGE (resume generating event). And someone(s) is going to have a bad meeting with management/HR. I'm stunned that this wasn't identified in beta testing before being pushed out as a production/general release. Don't know how CrowdStrike is going to handle the ire of customers with real significant monetary losses due to this.
07-19-2024, 08:14 AM | #6 |
Weirdo
On the plus side, if the computers can't boot, they can't get hacked.
07-19-2024, 08:45 AM | #7 |
First Lieutenant
Back in 2004 the computer security company that I worked for had exactly the same issue. (I won't name the company, but it was one of the big ones). We produced virus definition files every day (sometimes multiple times per day) which allowed the AV software to detect new viruses. These definition files are (were) created by an automated process and were QA tested before being deployed into the field - but due to the quick turnaround, corners were obviously cut during QA.
On that particular day, the update was created and started being downloaded and consumed by our software on computers around the world. Unfortunately, we incorrectly identified a Windows system file as being infected, and so that file was "quarantined" and moved from its System folder, to our quarantine location. End result: the sh!t hit the fan. And quickly. Any Windows PC would blue screen on the next bootup as that system file was no longer present. This sounds very similar to what has happened with CrowdStrike today... I worked in tech support back then, and our phones were red hot for days! We subsequently revised our QA processes and made them much more robust. Individuals lost their jobs, also. And I'm guessing something similar will happen at CrowdStrike...
07-19-2024, 08:58 AM | #8 | |
Moderator
Quote:
(source: https://www.abc.net.au/news/2024-07-...alia/104119960)
07-19-2024, 09:06 AM | #9 |
Recovering Perfectionist
As I said to my DW when I heard the talking heads on the morning TV news opening with this news as their headline, I'm glad that I was involuntarily retired from the IT business a few weeks ago.
Back to my nap.....
__________________
Currently BMW-less.
07-19-2024, 09:28 AM | #10 |
Major
Secret Service right now going WHEW!!!!!!
__________________
2015 X5 XDrive 35i - 2004 Z4 3.0 Sport
07-19-2024, 09:35 AM | #11 | |
Brigadier General
Quote:
1. Boot Windows into Safe Mode or WRE.
2. Go to C:\Windows\System32\drivers\CrowdStrike
3. Locate and delete file matching "C-00000291*.sys"
4. Boot normally.

This isn't a Windows system file that was mistakenly determined as a malicious file. This all points to an update CrowdStrike pushed down that caused an issue with their software that has hooks into the Windows kernel that is causing the BSOD and boot loops.
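Steps 2 and 3 of the manual fix in post #11, as an added PowerShell example that is not part of the original thread and is not CrowdStrike's own tooling. It assumes an administrator session in Safe Mode with PowerShell available; the parameter names and the log path are hypothetical.

```powershell
#Requires -RunAsAdministrator
<#
  Added example (not from the thread, not vendor tooling).
  Finds files matching C-00000291*.sys in the CrowdStrike driver directory,
  records them, then deletes them. Parameter names and log path are illustrative.
#>
[CmdletBinding(SupportsShouldProcess = $true)]
param(
    # Root of the Windows volume; may differ from C: if the disk is mounted elsewhere.
    [string]$SystemDrive = 'C:',
    [string]$Pattern     = 'C-00000291*.sys',
    [string]$LogPath     = (Join-Path $env:TEMP 'channel-file-removal.csv')
)

$dir = Join-Path $SystemDrive 'Windows\System32\drivers\CrowdStrike'
if (-not (Test-Path -LiteralPath $dir -PathType Container)) {
    Write-Error "Directory not found: $dir"
    exit 2
}

$targets = @(Get-ChildItem -LiteralPath $dir -Filter $Pattern -File -Force)
if ($targets.Count -eq 0) {
    Write-Output "No file matching $Pattern in $dir; nothing to do."
    exit 0
}

foreach ($f in $targets) {
    # Keep a record (name, size, timestamp, hash) before removing anything.
    [pscustomobject]@{
        Computer  = $env:COMPUTERNAME
        Path      = $f.FullName
        Length    = $f.Length
        LastWrite = $f.LastWriteTimeUtc.ToString('o')
        SHA256    = (Get-FileHash -LiteralPath $f.FullName -Algorithm SHA256).Hash
    } | Export-Csv -LiteralPath $LogPath -Append -NoTypeInformation

    if ($PSCmdlet.ShouldProcess($f.FullName, 'Delete')) {
        Remove-Item -LiteralPath $f.FullName -Force
    }
}

# Confirm nothing matching the pattern remains before booting normally (step 4).
$left = @(Get-ChildItem -LiteralPath $dir -Filter $Pattern -File -Force)
Write-Output ("Matched {0}; remaining {1}. Log: {2}" -f $targets.Count, $left.Count, $LogPath)
```

Running it with `-WhatIf` first lists the matching files without deleting or logging anything.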
07-19-2024, 10:02 AM | #12 |
Colonel
Things aren’t so great here on the healthcare side of the fence…
07-19-2024, 10:19 AM | #13 | |
First Lieutenant
Quote:
Hopefully CrowdStrike learn a hard lesson from this and fully review their QA processes going forward.
07-19-2024, 10:42 AM | #14 |
Moderator
07-19-2024, 12:56 PM | #15 |
Lieutenant Colonel
100% this. How does this pass testing? With what is at stake and the potential impact it's crazy. It's hard to accept their QA was that bad and it's easy to go to the thought that a hack might be likely. I bet Crowdstrike wishes they could say this was a hack vs an internal issue. They may never recover.
__________________
2020 X5M Competition
2024 M2- Sold 2019 M240i- Sold |
07-19-2024, 01:16 PM | #16 |
Moderator