Other Post Crowdstrike takes down half the world's IT

TheKiwi

Mi.net Field Marshall
MI.Net Member
TheMess.Net
Joined
Apr 15, 2019
Messages
2,402
Points
298
New-Zealand
A flawed update from Crowdstrike has crippled many large organizations' IT.


Although Crowdstrike have identified the faulty update and withdrawn it, machines that have been affected are stuck in a Blue Screen of Death loop and can't get the notification that the update is withdrawn. The only fix is to manually start up the computer in Safe Mode, delete the file in question and reboot the computer, a long and tedious process under the best of circumstances.

Guess what my day will consist of tomorrow?
 
A crappy Saturday I’m sure, TheKiwi.

Early sources as always blamed the usual suspects hence the Norks or whoever else, whereas it appears to be onto Crowdstrike. The common people and the average Joe computer shouldn’t be affected. A bloody mess otherwise.
 
Kind of funny timing how this comes days after MS let go of their DEI staff. An ally within a third party contributor making MS look bad?

I mean it's primarily aimed at businesses too, evil capitalism ...

@TheKiwi: hehe sucks to be you, glad I left IT long ago 😁
 
A flawed update from Crowdstrike has crippled many large organizations' IT.


Although Crowdstrike have identified the faulty update and withdrawn it, machines that have been affected are stuck in a Blue Screen of Death loop and can't get the notification that the update is withdrawn. The only fix is to manually start up the computer in Safe Mode, delete the file in question and reboot the computer, a long and tedious process under the best of circumstances.

Guess what my day will consist of tomorrow?
Think of the overtime!
 
50&authkey=%21ADHF6BAXVgFncKo&width=952&height=597.webp
 

Attachments

  • &authkey=%21ADHF6BAXVgFncKo&width=2048&height=1736.webp
    &authkey=%21ADHF6BAXVgFncKo&width=2048&height=1736.webp
    21.1 KB · Views: 49
Last edited:
Which is to say, you're going to have an oversized member inserted into your rectum? Figuratively speaking, obviously?
 
Mumble unix mumble BSD>BSOD mumble linux. (Walks out of meeting with gray beard covered in Cheeto dust and still no delivery date.)

Kidding man. I feel for you. Having to go Safe Mode first is going to make that a grind.
 
Spent much of yesterday talking retail people through the difficult process of clicking on 3 options, entering a bitlocker key and deleting a file. 10-20 minutes per site. Sigh. Still at least 75% of the company is now back up and running.
 
Microsoft have claimed that it was "only" about 8.5% of the worlds Windows computers that were affected. However clearly that 8.5% ran some very important parts of modern society.
 
Ja, ja….. But I’m reading a news article saying less than 10 million PCs affected worldwide… Who knows….

This last 72 hours has had our IT team doing overtime to get blue-screened PCs back up and running. It involves either entering the 48 character Bitlocker recovery key stored in the AD for the particular PC, or reimaging the PC with a fresh copy of our own Windows 10 image if you can’t retrieve a valid recovery key. For some of the PCs, the wizards in the lab have figured out a way to dig into the OS with a domain login without touching the Bitlockered partition , delete the bad Crowstrike file, restart the CrowdStrike app/service/whatever, and then restart the pc. I don’t grok it yet, but supposedly they are printing instructions for Monday morning.

I had to work about fifteen hours this weekend, resurrecting or re-imaging about sixteen PCs that needed special attention. We had about 80 to 100 people working off and on from Friday through late Saturday, with only the Service Desk fully staffed today. Everyone else except the on-call guys are resting up for MONDAY morning🤪. I worked today, Sunday, because most of those sixteen PCs are needed right away on Monday morning. I wanted to be clear for new action in the morning, because I think it’s gonna be a sucky Monday!
 
I'm pretty much done as of this evening. There are just a couple of machines left to fix and the people who use them are away. So I call that sorted. Now to ask for a fat refund from Crowdstrike.
 
12 laptops affected in our office, including the two POS machines. 4pm on a Friday with cold tins in the beer fridge? New boss said back to work. Turns out we were busy enough without the computers anyway.
 

Folks.....This is just a glimpse, they're dusting this off upgrading software and getting it ready for the next U.S. election!! Just watch......
 

Similar threads

Back
Top