Global BSOD

[Hagar]

The only oddity yesterday was three logins to my Spotify account, two from Brazil, one from the Dominican Republic. Just sayin'.

Changed my password anyway.

 

[Mr Jack]

This just shows you why critical infrastructure should be run on Linux, and vendors should not be able to force "definition" updates

On the former, Linux is probably the right choice most of the time, but there are reasons why people prefer using Windows for some things.

On the latter, the nature of cyber security requires rapid deployment. Push everything through the slow path and you leave things in a dangerous state for longer. It's a trade off not a clear cut better or worse.

IMO the blame for this is at least 98% Cloudstrike.

 

[dowie]

Nope. That's most likely the "updated" file pushed by Crowdfail.
Other researches have posted content of the actual file.

Where?

And why would the updated file be full of zeros rather than the erroneous one?

 

[radderfire]

According to Fox News Elon Musk has now deleted Crowdstrike from all of his companies.

 

[dowie]

The sad Mac screen and the BSOD have the same function and purpose. Macs are mostly Unix underneath so they're better architected than Windows (although MS has got better) and they don't need to support the same diversity of hardware so you see the sad Mac less.

I know, thus they're a solid choice and don't have that BSOD meme associated, much rarer to see the kernel panic. Not much point in Windows laptops/PCs save for gaming or if there's specific software someone needs to use very regularly (for occasionally just use a VM). Macs are cheaper overall anyway for large corporates too.

 

[steinooo]

Was it only windows machines which had the crowdstrike client installed affected?

 

[thebennyboy]

So glad we don't utilise Crowdstrike, given we're only a small IT team supporting ~1000 users, 2/3 of which are remote. Can't imagine the suffering some IT teams are going through right now trying to getting everyone up & going again.

 

[StriderX]

Crims must be having a right laugh with so many companies in compromised situations now.

 

[steinooo]

Crims must be having a right laugh with so many companies in compromised situations now.

Never thought of that

 

[dowie]

Crims must be having a right laugh with so many companies in compromised situations now.

Most of them won't have immediately uninstalled it (Elon aside), they'll have it back up since a fix was released yesterday.

The other thing to consider is once something becomes standard then it's often easier for corporates to not deviate from what others use:

https://twitter.com/i/web/status/1814391019951272387

 

[Quartz]

Someone claims to have found the bug:

https://twitter.com/i/web/status/1814376668095754753

 

[dowie]

Someone claims to have found the bug:

It was found and fixed already yesterday.

 

[Raymond Lin]

So glad we don't utilise Crowdstrike, given we're only a small IT team supporting ~1000 users, 2/3 of which are remote. Can't imagine the suffering some IT teams are going through right now trying to getting everyone up & going again.

We don’t either, with not too dissimilar users to yours. With our IT department in 1 location and 13 different offices…and basically only a handful of IT personnel remote support all the users… they would have to send them driving around across the country from Cornwall up to Scotland this weekend to fix them….or have me helping out in our branch because I’m the one who knows a tiny bit more about computers.

 

[Oh Ed not again.]

As suspected, poor PR review hygiene.

 

[AthlonXP1800]

https://twitter.com/i/web/status/1814328404591710302

Found out this guy Vincent Flibustier is fake and a troll, he never worked at CrowdStrike. Actually he work as writer run his Belgian news site Nordpresse.

The 'Fake' CrowdStrike Worker Who Took Credit For Biggest-Ever IT Outage

Microsoft outage: Vincent Flibustier broke the internet with an altered, AI-generated photo of him outside the CrowdStrike office along with the caption, "First day at Crowdstrike, pushed a little update and taking the afternoon off."

www.ndtv.com

 

[dowie]

Found out this guy Vincent Flibustier is fake and a troll, he never worked at CrowdStrike.

That was kinda obvious from the tweet he made, he's not a troll it was cleary posted as a joke.

Like someone tweeting "first day at FTX risk management" etc..

 

[Raymond Lin]

Even I could spot that was a joke and I hadn’t heard of Crowdstrike until yesterday.

 

[mrk]

Above all that his bio literally says:

Viral Stuntman, Trainer and Teacher in digital citizenship, critical thinking, specialized in Fake News and social networks, OSINT, AI . Digital consultant

 

[Nuttah]

Most of them won't have immediately uninstalled it (Elon aside), they'll have it back up since a fix was released yesterday.

The other thing to consider is once something becomes standard then it's often easier for corporates to not deviate from what others use:

https://twitter.com/i/web/status/1814391019951272387

The lack of an Endpoint solution won't be the target for criminals right now, it'll be playing on the need for companies to get their systems up running ASAP; pretending to be from Crowdstrike for example, offering an immediate fix etc.

 

[AthlonXP1800]

Microsoft: CrowdStrike's outage affected 8.5 million Windows PCs worldwide

Microsoft confirmed that 8.5 million devices were affected, less than 1% of all Windows machines, but the impact was widespread due to CrowdStrike's extensive use in critical infrastructure.

www.neowin.net

Affected 8.5 million PCs running Windows worldwide. That is the largest outage ever made WannaCry looked tiny which infected over 300,000 PCs worldwide back in 2017 cost $4bn.

Guess it will cost CrowdStrike over $4bn to fix 8.5 million PCs.