The internet reacts to the CrowdStrike IT disaster that crashed computers worldwide

Daniel Sims

Facepalm: Businesses worldwide suffered outages on Friday due to an issue with an update from CrowdStrike's widely-used security software. Naturally, customers and employees of the affected companies swiftly poked fun at the situation. Fortunately, CrowdStrike has provided an update on how to resolve the problem.

CrowdStrike has apologized for the debacle that sparked worldwide panic on Friday, assuring customers it has resolved the issue. Those still affected should refer to the company's support site for detailed instructions.

The problem stems from a faulty file in a recent Falcon Sensor security system update that could cause a Blue Screen of Death on Windows systems. As a result, transportation systems, broadcasters, hospitals, emergency services, and other organizations across the globe experienced massive disruption.

In an update, the company confirmed that Windows hosts that went online after around 1:30 am EDT should be unaffected. Hosts running on the older Windows 7 and 2008 R2 operating systems are also okay. Somewhat hilariously, Southwest Airlines dodged the outage by running its systems on Windows 95. Those who aren't experiencing any issues don't need to take action.

The questionable channel file is called "C-00000291*.sys" with a 0527 UTC timestamp. Users having trouble booting Windows after CrowdStrike reverted the update can find it under %WINDIR%\System32\drivers\CrowdStrike after booting in safe mode or Windows Recovery mode. The reverted version of the file has the same name but a 0409 UTC timestamp. CrowdStrike also has detailed instructions for fixing affected virtual and cloud systems.

Meanwhile, social media was not lacking in first-hand accounts, citizen reporting, and memes galore.

Weather tracker Colin McCarthy provided a 12-hour time-lapse of dissipating air traffic from American Airlines, Delta, and United as flights across the US were grounded due to the disruption.

One airline customer took a photo of their first-ever handwritten boarding pass.

Another user on X posted an advertisement from CrowdStrike's website warning about how digital security threats could quickly sink a business, a statement that seems wildly inappropriate now. Some might consider the incident a sign of how security software can sometimes unnecessarily burden systems.

A prevalent theme among onlookers is how Mac and Linux users were unaffected.

One Reddit user took the opportunity to poke fun at a racecar sponsored by CrowdStrike.

"George, switch the car to Safemode"
by u/platinumpt in formuladank

On a more serious note, the event could renew the focus on consolidation in the cybersecurity industry, as it shows the dangers of putting too many eggs into one basket. A new report from the Financial Times highlights how a handful of companies, including CrowdStrike, control at least half the market.

 
Microsoft continues to flush itself down the toilet. Windows is such a convoluted shambles with so much technical debt that Microsoft is incapable of addressing and Windows update is so out of control now that this was bound to happen.
 
I was able to log in this morning only because I shut my laptop down last night instead of just logging off. Many on my team are on VMs and they could not work until IT rebooted those servers.
 
Microsoft continues to flush itself down the toilet. Windows is such a convoluted shambles with so much technical debt that Microsoft is incapable of addressing and Windows update is so out of control now that this was bound to happen.
Nothing to do with MS other than it was their OS that is used by a ton of companies. A different company's update caused the problem.
It's ok to say you can't read. Hooked on Phonics can still work for you.
 
Microsoft continues to flush itself down the toilet. Windows is such a convoluted shambles with so much technical debt that Microsoft is incapable of addressing and Windows update is so out of control now that this was bound to happen.
Two things:

1) Microsoft wasn't responsible for this issue
2) Windows Server doesn't automatically install updates or self re-boot unless you tell it to (or change the default security policy surrounding update behaviour).

If you read the article or had ever used Windows Server, you'd know.
 
Someone could do an article on how many weak links there are in the WWW
If Amazon's servers go down
If SWIFT goes down etc

They provided a solution - yeah a roll back
MS I think are starting to have solutions for Windows continuously boots, think it must count the cycles and then go to a safe mode/rollback? Not happened to me. Only if some driver error conflict or some such and a full depower and repower will get it to boot

You would think for such mission critical software, they would have a really stringent protocol before rolling it out. No, some Friday, ah just post it, let's get to the pub for happytime
 
Until the Govt. makes these security providers 100% responsible for testing and accuracy by making them 100% responsible for every dollar lost because of their negligence, it will continue again and again ....
 
Until the Govt. makes these security providers 100% responsible for testing and accuracy by making them 100% responsible for every dollar lost because of their negligence, it will continue again and again ....
Oh don't you worry, there are going to be so many lawsuits against CS, that I don't see that company being around in a year. Top all those lawsuits with companies leaving them in droves, and yeah, well, that company gonna be goners. Their CEO wasn't crying on the news for no reason today, he knows his life (financially speaking) is pretty much over.
 
Two things:

1) Microsoft wasn't responsible for this issue
2) Windows Server doesn't automatically install updates or self re-boot unless you tell it to (or change the default security policy surrounding update behaviour).

If you read the article or had ever used Windows Server, you'd know.
See previous comment...
 
"The questionable channel file is called "C-00000291*.sys""
Yeah, no. C-00000291*.sys is not a valid filename.
 
I liked the "happy international bluescreen day" one. I wonder if this day will become infamous enough to establish an international bluescreen day.
 
How much of a coincidence is it that this happens only a few weeks after MS got hacked… I smell a conspiracy theory / cover up!
 
Nothing to do with MS other than it was their OS that is used by a ton of companies. A different company's update caused the problem.
It's ok to say you can't read. Hooked on Phonics can still work for you.
As long as Microsoft allows drivers to run in kernel mode Windows will have issues. Linux doesn't do it.
 
Doesn't affect me in any way, but it was interesting to witness it. Some huge panic on airports and banks. Speaking of the blue screen issue... last time I had one was like 2015-6. Perhaps I'm lucky
 
I don't think Microsoft can slip out of this mess even though CrowdStrike is the one that is mainly responsible. Anyone with any tech common sense will know that any change should be tested before deployment, regardless of how immaterial they think the change is. The problem is that any change in the code may have a knock-on impact. In this case, this should have been detected if they had tested it. The fact that MS allows a straight-through update for CrowdStrike is already a red flag.
 
See previous comment...
You're implying that if third-party software is installed and significantly alters the OS, it's Microsoft's responsibility for permitting such usage? That's illogical.

I manage 170 Windows Servers, which should give you an idea of my job, and I've developed numerous software applications for my company. I can assure you they don't constantly crash or encounter issues as some Linux enthusiasts suggest, claiming "This would never happen with Linux."

We also operate 34 RHEL servers because for certain tasks, Linux on dedicated machines is simply the better option. However, for most purposes, we rely on Windows Server 2022, which has proven to be extremely stable for us.

Regarding the boot loop issue you mentioned, it's amusing because you omitted the part where, after 10-12 attempts, if the server is PROPERLY CONFIGURED, it will retrieve a live backup from its snapshot images and reboot successfully. Our servers do this if there's ever a problem, as we regularly test for resiliency.

Edit: To touch on the aspect of proper configuration, on any server in production, no application, service, or OS patch is applied unless it's been approved and passed testing on the development servers first. The CrowdStrike issue, in part, stems from people not managing their servers correctly, which is unsurprising.
 
As long as Microsoft allows drivers to run in kernel mode Windows will have issues. Linux doesn't do it.
Both Windows and Linux have drivers, some of which run in kernel mode and others in user mode. It depends on the level of access required by the driver. If I am not wrong, Linux has most device drivers baked into the kernel itself.
 
Humans make mistakes all the time. We usually just have to apologize and everyone moves on. I'm not losing sleep over this.
 
Until the Govt. makes these security providers 100% responsible for testing and accuracy by making them 100% responsible for every dollar lost because of their negligence, it will continue again and again ....
Gov't intervention would only make it worse, like they do every time. Best option is to vote with wallets, and stop using crap companies that cannot focus on their core product.
 