Wow…who could have predicted eggs in one basket is a BAD idea.
CrowdStrike fucked up big time didn’t they?
Oh, man, it’s bad. Been on a call at work all day.
Damn. Did you catch the quick fix?
```
CrowdStrike Fix
1. Boot Windows into Safe Mode or WRE.
2. Go to C:\Windows\System32\drivers\CrowdStrike
3. Locate and delete file matching "C-00000291*.sys"
4. Boot normally.
```
Edit: I'm not even about to figure out the formatting glitch here, this information just needs to be shared to help fix the problem.
Yup. The problem is a) rebooting in safe mode on remote/cloud servers. b) rebooting in safe mode if you’re also using BitLocker. :(
An alternate suggestion from Microsoft is “reboot up to 15 times”.
Meanwhile, last I heard is Microsoft themselves uses Linux to run their Hotmail servers…
Yeah, perhaps things aren’t the same today, but hell!
I don’t blame Microsoft at all for having a Linux mail server…
Oh fuck, 15 times? That’s a fucking delay tactic to try to keep their phone lines from getting clogged, no joke.
Not surprising to me that the city government depends so much on proprietary software, but disappointing. Wonder what kind of day that Finnish-American Portlander is having.
I mean, it only took CrowdStrike to bring it all down.
I don’t know how close you’ve been following it, but CrowdStrike pushed an updated config file that contained 42kb of 0’s.
On reboot, Windows machines BSOD.
Not closely at all; blissfully ignorant here in the peanut gallery :) Just read up a bit:
CrowdStrike says users should boot the computer into Safe Mode or Windows Recovery Environment, navigate to the CrowdStrike directory, and delete the faulty file “C-00000291*.sys.”
I read “users” as “IT support”, and “the computer” as “every affected computer in your organization”. I don’t envy those poor folks in IT. Well I often do actually, but not today!
Yeah, the alternate solution is to try re-booting 15 times.
If that actually worked tho everything woulda been back up and running in no time lol
Happy to say we have absolutely zero Windows installations at my company. I feel like I have to be vigilant about keeping it that way. We do use CrowdStrike but Linux for servers and containers and macOS for desktop clients.
We had a major service running on the Azure cloud that was impacted. :( It was back up by Saturday, fortunately.
The whole “reboot into safe mode” was complicated by being in the cloud and further complicated by BitLocker. But we got it done!