Smug non-Microsoft users : Global outage for Windows users using Crowdstrike - global BSOD


(from The Chaser - a satirical “news” service in Australia)

Not just Mac users - also us Linux users :smiley: - feel the smug

And here’s Bjork from Iceland with the weather :smiley: :


Posted from my Pop!_OS AMD Thinkpad…

Can’t believe this stuff :


Just read a bit more of it - some of my colleagues were getting BSODs on their corporate laptops with Windows 11 and Crowdstrike… But it seems the major thing was Microsoft owned infrastructure servers running Crowdstrike…

In other news BOM (Bureau of Meteorology) said zero chance of any rain in my area - and yet here I am in my carport, with a beer (it’s after 4pm on a Friday) watching the rain :smiley: - do BOM use Microsoft Azure?

3 Likes

Breaking! Leaked code fragment of windows:

If (random()) {
    BSOD ();
}

3 Likes

I now thought most of the internet was on Unix or Linux servers, but the number of companies and societies affected tends to prove different.

Time to think about using more diverse systems in IT so we are not just reliant on one type of platform.

I am always surprised just how many of my own clients use OneDrive to store everything on as if that will save the world; it's free against buying a USB drive and making copies for themselves.

I have nothing on either OneDrive or Google Drive. But our association shares 3 or 4 files on a shared Google Drive. Time I made a local copy.

2 Likes

Not I!! All my “what I think is important” is stored locally!!! I always make room, for at least one data drive, usually a spinner, but they work OK!!!

2 Likes

It is, but the client end matters too

Spinners are actually better for long term storage

Can anyone explain what this is and what function it performs?
Apparently there is Crowdstrike software for Linux and Apple, as well as Windows.
It seems it was only a Windows update that caused issues.

2 Likes

Endpoint protection; not come across them before. Reports are now of a fix, but it requires updates installed and then reboots, several times, before it is fixed.

No mention of linux or unix on website.

Antivirus and firewall stuff.

Glad I don't work for them, especially today. May be months before we understand fully why and what happened.

1 Like

It does not really mention anything useful… all hype

I got the Linux and Apple bit from our local news service
“The outage was linked back to CrowdStrike, a United States-based cybersecurity company with software installed on Windows, Mac and Linux systems around the world.”

This is a good example of what happens to those who are too lazy or incomputerate
to implement their own security so they attempt to buy ‘security’ instead.
Outsourcing leaves you vulnerable.
No country would outsource its defence, yet we seem to think cyber defence is different. It is not.

2 Likes

@nevj
I knew something was wrong, these past few days, wasn’t able to get any it’s foss posts until last night, late!!! Microsoft has been having security issues lately and being pushed by the government for a fix!!! Just another, pushed out security fix, that went awry, big time!!! Most users on Windows, will not even notice, what happened!!!

3 Likes

Just got called into a meeting at work for this worldwide issue. Apparently wreaking havoc with airlines & flights. Our clinicians travelling for work cannot get to their clinical locations on time.

Sheila

3 Likes

Typical of Microsoft… there is a problem but it's not ours, we outsource, next step they buy the company like they have done in the past.

BSODs are a Microsoft feature all users see and expect.

3 Likes

More information after several hours. The problem is not a result of a Microsoft update. The security firm, Crowdstrike, issued an update. There was apparently a corrupted file (maybe something like an antivirus signature file, but not sure). When Crowdstrike attempts to load that corrupted file, it causes a BSOD.

One security related Youtube live stream I saw said part of the issue was the architecture used on Windows versus on Linux and Mac (BSD). Device drivers run in “ring 0” or “kernel mode”. This is the level with the most privileges and interacts directly with hardware. If something goes wrong in ring 0 the system most likely crashes.

The fix is to boot into safe mode where this new file is not loaded and delete it. Then reboot normally. Another way to accomplish this would be with a bootable Linux USB.

One problem with this fix is Bitlocker encryption of the disk. You need a Bitlocker code to mount the local drive in that case.

I’m glad this didn’t affect the company I work for. I took the afternoon off and got in a quick nine holes with my son. It was sunny and 75 with a light breeze. I was two over par.

6 Likes

I would like to know how or if Crowdstrike test their updates before release?

2 Likes

It would seem there were two problems

“what’s certain is that two separate systems — Microsoft’s cloud service, Azure, and a software update from cyber security company CrowdStrike — malfunctioned on the same day.”

That is from our local ABC news service

Congratulations… after reading all the hype and crap on news services, you are the only source to have said what was wrong and what to do about it

4 Likes

I saw the explanation on the LearnLinuxTV YouTube channel.

3 Likes

Quite often with news stories it's difficult to know who has the correct source and answer. Thanks for the enlightenment.

As for golf, not a sport I want to follow, but good to spend time with your family, an activity to share. Far more interesting

1 Like

These days, a lot of Internet stuff is on Azure (a property of Microsoft, and IIRC, it uses CrowdStrike). It seems CrowdStrike is living up to its name today :slight_smile:

Ernie

4 Likes

Not sure about Crowdstrike, but I got a lot of new signups to my Mastodon instance as a result of multiple instances of Mastodon that run off Azure being completely down Friday night.

3 Likes

Love your new avatar Doc :smiley:

3 Likes

I just saw this on Reddit.

5 Likes

Just been reading about it - also affected Debian and Rocky Linux.

I’ve been deploying Falcon Crowdstrike (VERY reluctantly I might add!) to Linux servers since around February…

Fortunately - all of them are RHEL 8 (or earlier) and the Crowdstrike “bug” was more RHEL 9 and kernel 5.x…

I’ve deployed a few RHEL9 instances for other customers this year, but also, fortunately, those customers don’t use Crowdstrike…

I just watched a very informative youtube from a former Microsoftee - who worked on Windows NT - basically the bug is an empty *.sys file that the ring 0 Crowdstrike device driver tries to load into memory - or something :

The more “agents” you install on a system - the more unstable it will be - the more moving parts in the kernel / ring 0 - the more likely failures are…

I remember in Windows NT 3.51 - the HAL, “hardware abstraction layer” - didn’t have 100% privileged access to the kernel - but Microsoft went back on that with Windows NT 4.x in order to get better performance, especially on workstations…

3 Likes