Who could have imagined that installing a 3rd party rootkit on every device is bad? Shocking 🙃

Consider the delicious irony of a "security company" bricking half the computers in the world.

"Hotline, we have a massive problem!!" - "Ok shoot!" - "We use Windows 11 servers and..." - "Well, you said that already."

The first (really the only) question is why CrowdStrike is not using a staged rollout with telemetry to verify that systems being updated remain functional?

As well as BitLocker recovery key we also needed to use the local admin account as the folder couldn't be accessed without elevated privileges, further compounded by each PC having a unique password. Ten to fifteen minutes of telephone support to talk the user through this.

This patchpocalypse is the best advertisement for Linux EVVAAAARRR Thank you Crowdstrike, I love you 🥰

Yes, centralisation of capabilities to one company is dangerous

I have been using GNU/Linux for the last 30 years and everything works perfectly for me, for free. And my valuable data are at home, not in a data center far far away.

I'd like to see you discuss whether a modern up to date windows server, configured correctly, actually needs crowdstrike or similar products.

This news channel is the only one being realistic about the recovery time. Other news channels thinks that the disruption will be fixed in days.

*HERE IN BULGARIA* in our cash-based society - nothing changed, we all just want about life as normal. Imagine if your systems went down for 2 weeks - you would all literally be starving

Astronaut: Houston, we have a problem. Base: ah, hold on, we have blue screen on all our computers!

Yesterday was a big win for CrowdStrike. Finally a virus protection program that disabled the most prolific spyware program on the internet - Microsoft Windows. No Linux/Mac products were harmed.

Did they not test their patch before deploying? It's very hard to believe this error wouldn't have shown up in testing. And it's always a really good idea to deploy patches just before the weekend.....said nobody in IT ever. The fail is strong.

"Windows 2008 Server not affected". I can wipe the sweat from my brow 🤣🤣

The irony is this issue typically only hit organisations who had the awareness that they needed to run and deploy an EDR/XDR solution. Lesser aware IT shops, who did not have the time or resources to stay on top of things, have been spared this disruption....

I had a dead motherboard a few years ago, the drives had Bitlocker enabled. As you cannot unlock in a new machine with your regular key, you need the recovery key. Lost all my data. Nowadays I'm on Linux with Luks, it's far better.

I live in a cabin in the woods like ol' Ted, i was entirely unaffected.

At my workplace only the servers were running Crowdstrike, the clients are using Windows Defender and even though a lot of servers went down it was possible to manage the situation. However as I see it the Windows platform is based on a design that was made in the early 1990's and it has been showing its age for some time now. Unfortunately Microsoft is heading into a direction that will make them basically a single point of failure with worldwide impact if they go down since they are heading for a direction where every login and every bitlocker key is in their pocket. It's now almost impossible to set up a local account on your computer and for all new computers the disks are going to by default be encrypted with bitlocker. With that in mind - Microsoft will basically have every company and personal computer held hostage. If you haven't been touching your files for some time they are removed locally and now only exists in the "cloud" held by Microsoft. I can think of some scenarios: 1. Microsoft decides that your computer is obsolete and prevents you from using it. 2. The cloud service of Microsoft gets hacked or goes down for an extended time. 3. Internet is shut off for some reason preventing your computer from connecting to the cloud.

CrowdStrike started pushing D.E.I instead of quality.. This is what happens!

Interesting show. However, I would like to point out that this only impacted companies using CS, not regular home users unless you are using CS. The issue was CS was also installed on Windows Server OS. Also, there was a CS issue with Linux in the past. The issue was bad or not enough testing by CS. Now the bigger question is, was this a test for something to come?? Thanks for the show

End user devices are going to be the huge issue - looking up all those Bitlocker keys, walking tech or even end user in to deleting the bad file. Hopefully most of the servers have remote management interfaces (different from remote desktop), whereby preboot environments are accessible over a remote connection via VNC and the like.

The sys driver file was all zeros and could bot have contained a valid signature. Why did a sys file without a valid signature even get loaded by a supposedly top security company? Isn’t that a security risk? This makes me question their whole overhyped approach to security.

With Microsoft there is no better alternative , but for CS there are a lot of. After spending 9 hours fixing our computers and servers I hope our company will get rid of this spying software

So microsoft was bitten by FORCED BLIND UPDATES.. who would have thunk such a thing could go wrong.

Waiting for the law suits to be issued...

it's not a virus definition. the corrupted file has the extension of .sys and it's loading on a very low level.

Promoted via US Government CISA via events and embedded in training. Also often recommended for federal contractors

If you have a server, run a server OS. Which would be Linux. If you run the XBox OS on it, it's not a server, it's a game console.

This could have all been avoided if Windows had an A/B update system like ChromeOS. Having failed to boot the updated partition it would have failed back.

Starting Monday (if not already) one or more people at CrowdStrike will be looking for jobs in another field! I wonder if the Walmart in Austin TX is hiring greeters?

The definition file was just a chunk of null characters. I wouldn't be surprised if the Azure outage was the original cause of the null file being distributed in the first place.

Hopefully this will force companies to wake up and switch to Linux. You do not need a full Windows PC just to drive a self checkout or a departure board! There are $5 micro controllers that can do this.

Be still my beating heart El Reg has a YT channel. Instant sub.

and the issue remains, as crowdstrike could press a button and brick all their clients computers again.

Now every computer that's down needs a tech to restart it with high-level verification who is validating that these people are doing their job right and not more concerning information in this update when they remove the file

Time to get rid of this crapware

I heard Crowdstrike will rebrand as SkyNet.

Why did the update not roll out in a more controlled way with verifications-/validations from both customer's IT-staff and Crowdstrike? Before going in production.

people just need to anticipate this sort of stuff... maybe keep some domain controllers physical with a different AV than CrowdStrike... some paper runbooks in safes etc.

This outage is roughly what Y2K could have been like in terms of social impact if we hadn't prepared for it. Mostly different technologies at this point, of course.

IT people should see this as an opportunity to earn some extra cash. No doubt, many organizations will be hiring temporary workers to crawl from keyboard-to-keyboard.

It's absolutely Microsoft fault and it is Crowdstrike fault, they both created this situation and I don't hear anything about compensation for the mess they've created

If you use windows you have to be ready for anything. There was no code that broke crowdstrike. They release an update filled with null pointers. It was effectively empty lol

Ummm there is a problem if the driver doesn't validate the definition.

The definition file that went out was all nulls. It corrupted at some point in the process.

Whitney Webb predicted about a year ago that this would happen.

*AS A MAC USER* Im in genuine danger of exploding with smugness... 😀

For all those saying "switch to linux" just do a quick search and you'll find CS did a similar thing to Debian back in April 2024.

I agree with them, we should not rely on one OS like Windows or CrowdStrikes.

for people in remote working mode and/or week-end assigment for thei IT dept. might have caused havoc ...

The first time the reg showed up on my feed!!!

Makes you question. If we should run everything from the cloud

now they should look hard into diversifying their security AV software having 2 or 3 different vendors in their infrastructure so that if you have 2 different companies at least it would be 50% affected or with 3 vendors only 33% of your infrasture would be affected....the same can be said of relying on one OS like Windows.

I think this is more on Microsoft than Crowdstrike. A single definitions file shouldn't bring down the whole OS.

That's the trouble when people rely on tech

I hope these companies will pay bonus to their it department and buy them cookies every week

All I can say is test your product to destruction, I suspect Cloudstrike don't test at an acceptable level and believe that shortcuts they made in the past testing will be OK to use today. Cloudstrike claims it's not a security issue but is wrong because that will be judged by their customer base, who'll see it as a security issue due to their systems becoming inoperable. Anything that causes a company to lose money is a security issue.

It would not surprise me if Microsoft start to quietly sunset Windows Server. My guess is that behind the scenes 95% of their fabric is running on linux variants anyway.

Companies will sue Microsoft, their prodict failed to start !

So thankful we don't user CS.... We are not bothered by this shit show.

We need universal standards for deploying changes that touch the kernel. And never deploy on a Friday. Internal culture failure.

Has no-one ever heard of CHEQUES ?

Space X and Tesla were completely unaffected. Elon Musk steadfastly refused to do business with CrowdStrike, even though it is in his preferred city of Austin. So, companies with DEI departments should absolutely love CrowdStrike! After all, they must support their fellow DEI hires in all that they destroy.

😼 All the not smirking I'm seeing here 😼

wish john mcafee was here to see this. RIP

Crowd strike implemented a scheme similar to other cyber security software vendors but that doesn't make it right These cybersecurity software applications are overprivileged on the operating system operating at a kernel level... Extremely dangerous and it is malpractice to have allowed them to be installed on all these systems or any similar cybersecurity software; this stuff needs to be isolated

What are u guys doing st my house taking my pitur showing to world ?

No bank, no taxi, no coffee, food bank overload, starvation/ the servers are down!😏

Most servers are Linux now

It you get a flat tire, you get to a halt too, people....if you don't have the lug nut key, you can't change the tire , same as not having the BitLocker key😂😂😂😂

If an OTA update can derail the global economy, it's clear how dependent we are on software. It don't matter if people use Windows or Mac. We know China has zero day exploits waiting on Mac and Windows to deploy at their choosing. All of our food and water is dependent on code and software. Everyone should just start thinking about food and water for 30 days at home at the very least.

As a plus two decades Linux user ... all I can do is shake my head. People just doesn't want to learn.

Public Infrastructure = Public Code. Period.

Move to Sophos.

Software is political. The Linux stock exchange servers are purring. All operating systems are the same right? My custom Linux desktops 20+ years rock solid.

Unbelievable.

try to delete some antivirus from windows, it’s impossible

Should've lasted longer

Real time updates to production systems...hmmmm

I wonder if anyone knows how to program? Probably not I know someone who can, but ive got to take a shit

Who said it is not a kind of cyber attack!? Or type of hack against cs.. Stop trusting everything the ceo's say

Look at the Root! This is the problem with Software as a Services. Everything is Catastrophic when it's reliant on One system.

once again we miss the forest for the trees or is that the sky for the clouds ? either way, that darned BSOD is what has been causing much mess. why did it comeback again. guess who created it and why its back on us again. and after this would you still get yourselves stuck on the same ole OS ?

Have some cash at home.

Why TF anyone is still using Windows to run critical infrastructure??

Companies will forget about this in a few weeks. It is by far the best security solution out there. All the others just aren’t as robust with preventing breaches. The same exact issue happened with McAfee a decade ago so it just happens when things move so quickly

You can't just go on pretending windows is serious thing. It is only adequate for gaming.

have you tried switching off and on again .... 15 times .... 🤣🤣🤣🤣

lol the backgrounds in this video

That was a rather low tech talk, you do realize you could do things like not releasing updates to all system as the same time. When the hell did we stop testing on the purchase level of products? I always used testing environments for new updates and then I never updated all 30000 machines at the same time. This was not a critical emergency update! But I guess some lazy ass tech guy though it was better to be sleeping, most likely because greed didn't want to pay, bit chilling to see even The Register just boothlicking, instead of reporting on what really is the problem, because the "problem" is what get you paid.

Thank you for not putting Microsoft images on the headline image implying that Microsoft had any part in causing this mess, which so many other commentators are (still) doing. Did Crowdstrike do any testing of their builds before pushing them out? Beggars belief... Any IT department that does not know the Recovery Key for the Bitlockered systems they support are incompetent. Managers should answer what contingencies they have for catastrophic failures. Alternative methods of getting access to the Windows System should be second nature to any competent IT technician. A bit of a wake up call. What are they going to do next time?

Nobody says it aloud thet modern Windows still needs the 3rt party security packagew with such high privileges. Failure of Microsoft, too.

Alex jones was right

Snowflake will be happy

Crowdstrike should be renamed Clownstrike. Cause everyone who uses this software and produced this software are clowns 😂

Yeah, let's go to digital currency! 🤣

No worries about cyber attacks when rampant capitalism will simply move to destroy itself, why? Ha because it's more cost effective lol, and a bit more sinister when contracts are awarded exclusively to Israeli firms in cooperation with state agencies that enjoy freely accessing systems globally whenever they like, save for Russia which was unaffected...

Why people are not suing Microsoft ? If their software has caused loss to my business, they are responsible for it.

I'm disappointed by the quality of the sound in your videos. It's not rocket science to use proper mikes and headphones or earbuds. And stop talking at the same time. The quality of your written articles is always top notch. Your KZbin videos are amateurish.