All our servers and company laptops went down at pretty much the same time. Laptops have been bootlooping to blue screen of death. It’s all very exciting, personally, as someone not responsible for fixing it.

Apparently caused by a bad CrowdStrike update.

Edit: now being told we (who almost all generally work from home) need to come into the office Monday as they can only apply the fix in-person. We’ll see if that changes over the weekend…

  • richtellyard@lemmy.world
    link
    fedilink
    English
    arrow-up
    32
    ·
    5 months ago

    This is going to be a Big Deal for a whole lot of people. I don’t know all the companies and industries that use Crowdstrike but I might guess it will result in airline delays, banking outages, and hospital computer systems failing. Hopefully nobody gets hurt because of it.

  • Sʏʟᴇɴᴄᴇ@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    22
    ·
    5 months ago

    Yep, stuck at the airport currently. All flights grounded. All major grocery store chains and banks also impacted. Bad day to be a crowdstrike employee!

  • jedibob5@lemmy.world
    link
    fedilink
    English
    arrow-up
    17
    ·
    5 months ago

    Reading into the updates some more… I’m starting to think this might just destroy CloudStrike as a company altogether. Between the mountain of lawsuits almost certainly incoming and the total destruction of any public trust in the company, I don’t see how they survive this. Just absolutely catastrophic on all fronts.

    • NaibofTabr@infosec.pub
      link
      fedilink
      English
      arrow-up
      8
      ·
      5 months ago

      If all the computers stuck in boot loop can’t be recovered… yeah, that’s a lot of cost for a lot of businesses. Add to that all the immediate impact of missed flights and who knows what happening at the hospitals. Nightmare scenario if you’re responsible for it.

      This sort of thing is exactly why you push updates to groups in stages, not to everything all at once.

      • rxxrc@lemmy.mlOP
        link
        fedilink
        English
        arrow-up
        3
        ·
        5 months ago

        Looks like the laptops are able to be recovered with a bit of finagling, so fortunately they haven’t bricked everything.

        And yeah staged updates or even just… some testing? Not sure how this one slipped through.

    • Munkisquisher@lemmy.nz
      link
      fedilink
      English
      arrow-up
      1
      ·
      5 months ago

      Yeah saw that several steel mills have been bricked by this, that’s months and millions to restart

  • kadotux@sopuli.xyz
    link
    fedilink
    English
    arrow-up
    14
    ·
    edit-2
    5 months ago

    Here’s the fix: (or rather workaround, released by CrowdStrike) 1)Boot to safe mode/recovery 2)Go to C:\Windows\System32\drivers\CrowdStrike 3)Delete the file matching “C-00000291*.sys” 4)Boot the system normally

    • StV2@lemmy.world
      link
      fedilink
      English
      arrow-up
      7
      ·
      5 months ago

      It’s disappointing that the fix is so easy to perform and yet it’ll almost certainly keep a lot of infrastructure down for hours because a majority of people seem too scared to try to fix anything on their own machine (or aren’t trusted to so they can’t even if they know how)

      • HaleHirsute@infosec.pub
        link
        fedilink
        English
        arrow-up
        6
        ·
        5 months ago

        They also gotta get the fix through a trusted channel and not randomly on the internet. (No offense to the person that gave the info, it’s maybe correct but you never know)

      • r00ty@kbin.life
        link
        fedilink
        arrow-up
        4
        ·
        5 months ago

        It might not even be that. A lot of places have many servers (and even more virtual servers) running crowdstrike. Some places also seem to have it on endpoints too.

        That’s a lot of machines to manually fix.

      • NaibofTabr@infosec.pub
        link
        fedilink
        English
        arrow-up
        2
        ·
        5 months ago

        This sort of fix might not be accessible to a lot of employees who don’t have admin access on their company laptops, and if the laptop can’t be accessed remotely by IT then the options are very limited. Trying to walk a lot of nontechnical users through this over the phone won’t go very well.

  • jedibob5@lemmy.world
    link
    fedilink
    English
    arrow-up
    13
    ·
    5 months ago

    Huh. I guess this explains why the monitor outside of my flight gate tonight started BSoD looping. And may also explain why my flight was delayed by an additional hour and a half…

  • alphacyberranger@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    12
    ·
    edit-2
    5 months ago

    One possible fix is to delete a particular file while booting in safe mode. But then they’ll need to fix each system manually. My company encrypts the disks as well so it’s going to be a even bigger pain (for them). I’m just happy my weekend started early.

  • Victor@lemmy.world
    link
    fedilink
    English
    arrow-up
    9
    ·
    5 months ago

    If these affected systems are boot looping, how will they be fixed? Reinstall?

    • Sʏʟᴇɴᴄᴇ@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      9
      ·
      5 months ago

      There is a fix people have found which requires manual booting into safe mode and removal of a file causing the BSODs. No clue if/how they are going to implement a fix remotely when the affected machines can’t even boot.

    • bevan@lemmy.nz
      link
      fedilink
      English
      arrow-up
      3
      ·
      5 months ago

      It is possible to edit a folder name in windows drivers. But for IT departments that could be more work than a reimage

  • ililiililiililiilili@lemm.ee
    link
    fedilink
    English
    arrow-up
    8
    ·
    5 months ago

    My dad needed a CT scan this evening and the local ER’s system for reading the images was down. So they sent him via ambulance to a different hospital 40 miles away. Now I’m reading tonight that CrowdStrike may be to blame.

  • NaibofTabr@infosec.pub
    link
    fedilink
    English
    arrow-up
    8
    ·
    edit-2
    5 months ago

    Wow, I didn’t realize CrowdStrike was widespread enough to be a single point of failure for so much infrastructure. Lot of airports and hospitals offline.

    The Federal Aviation Administration (FAA) imposed the global ground stop for airlines including United, Delta, American, and Frontier.

    Flights grounded in the US.

    The System is Down

  • solrize@lemmy.world
    link
    fedilink
    English
    arrow-up
    5
    ·
    5 months ago

    Xfinity H&I network it down so I can’t watch Star Trek. I get an error msg connection failure. Other channels work though.

  • AutoTL;DR@lemmings.worldB
    link
    fedilink
    English
    arrow-up
    5
    ·
    5 months ago

    This is the best summary I could come up with:


    There are reports of IT outages affecting major institutions in Australia and internationally.

    The ABC is experiencing a major network outage, along with several other media outlets.

    Crowd-sourced website Downdetector is listing outages for Foxtel, National Australia Bank and Bendigo Bank.

    Follow our live blog as we bring you the latest updates.


    The original article contains 52 words, the summary contains 52 words. Saved 0%. I’m a bot and I’m open source!