Is the recovery/system partition not on the same disc?
Global BSOD
- Thread starter Dirk Diggler
- Start date
Is the recovery/system partition not on the same disc?
Soldato
Are you booting into WinRE, as you will be prompted for the systems BitLocker key? Once unlocked, use CMD from there.
Alternatively, try the reboot method of fixing CrowdStrike, ie - make sure CrowdStrike will push the latest update and then reboot the system up to 15 times. If the network stack stays up long enough then the agent should download the latest update.
Alternatively i would be looking on CrowdStrike support portal, and/or phoning your rep, as i believe they have a dedicated page with instructions on fixes.
At least Windows robust recovery system allowed people to rollback to a known good state.
Personally I've a somewhat perverse amusement from the whole situation as it is just a glimpse of what can happen when things I've railed against in this context are ignored.
Soldato
It was forced down by crowdstrike I believe. Didn’t get the option to test.
Presumably this doesn’t happen at significant pace, and you then end up exposed to the latest security threats while your AV and any other software goes unpatched?
I usually find that Windows updates are tested in a dev environment or on a few "noddy" servers but AV updates to definitions or pro active threat systems are just left to their own devices. I've never liked this myself and is why the AV definitions for my OT systems are done manually.
All of our office systems don't use Crowdstrike (thank God!) but we do have S1 and have had a few others in the past and I expect it could have the same impact if there's a bad update pushed out.
All of our office systems don't use Crowdstrike (thank God!) but we do have S1 and have had a few others in the past and I expect it could have the same impact if there's a bad update pushed out.
I think so, BIOS is password locked so we might need to wait for an engineer to arrive as they won't share the password (understandable, TBF). I'm just trying to get some machines up and running over the weekend and into the start of the week.
The Win10 boxes are prompting for BitLocker so I'm getting them done, but the Win11 machines are gubbed.
Associate
Associate
Nope. That's most likely the "updated" file pushed by Crowdfail.
Other researches have posted content of the actual file.
Permabanned
- Joined
- 25 Oct 2004
- Posts
- 9,078
Seen this in the news, the irony that a cyber security company is actually the bigger threat to cyber security makes me laugh.
Associate
They've caused more damage than the criminals they are protecting against
Associate
- Joined
- 10 Jan 2005
- Posts
- 534
Unlocking Bitlocker from CMD Type either "manage-bde-unlockX: -Password" or "manage-bde-unlockX: -RecoveryPassword."
and original Mr mcfaee was done for tax fraud
it's not a big delay for sandbox testing , team of 30-40 people worldwide - also engineers laptops are only ever online through VPN, so company has a good chance of preventing phishin exploits,
not least engineers are perhaps more weary.
------
Personally not yet on win10/11 where mechanisms to prevent adhoc microsoft patches that might screw you are difficult to manage
No joy, unfortunately. I think it's a BIOS configuration that's preventing the drive from mounting.
Last edited:
when you look at the interview with Colonel Kurtz , also repeated on newsnight he seemed content to try and obfuscate the the issue,
we are only try to protect you from the bad men
we are only try to protect you from the bad men
Soldato
Looks like the trains have gone wrong today 
Man of Honour
It absolutely was a security incident. Security comprises three elements, one of which is availability.