My laptop run into recovery mode approx 30 minutes ago. My friends reported the same. My colleagues in Singapore, China, Hong Kong also reported the same issue.Anyone know what happened? Crowdstrike was hacked?
Computer Run into Recovery Mode
gstfree on 19/07/2024 - 16:10
Related Stores
Comments
- 1
- 2
Per my comment below, applying the fix will take some manual intervention.
For corporate users without access to fix it your best option is to contact your I.T. team to find out what plan they have in place.
Until you do that it's only speculation what options you have, so ask the people who can help you.
Home/domestic users not affected
Is your ws on RHEL with PostGres db?
No. We use CSV files on MSDOS 6.22.
LoL, better than cassette tape with ZX Spectrum.
nothing to do with Azure, Crowdstrike (i.e. a security company) issued a bad update to their security product which is crashing machines.
mission accomplished.. no virus will get onto any of the affected PC's.
Antivirus is the virus.
Jetstar cannot check-in passengers at the airport… For the win !!!
That's a disaster. It warrants global IT security review.
Supermarkets are down…
7-Eleven down…
Supermarkets are downβ¦
π΅πΆ down, down. coles are down πΆπ΅
Coles link with DoorDash still seems to be down.
LOL happened to the partner too.
The funniest part is given they are in a boot loops you'll need to take laptops into the office for IT to deal with it.
The funniest part is
Why is that funny ?
Cause it doesnt effect him/her/it/they
@netjock seriously?? I was afraid that, windows need to be reinstalled
There is a fix on X which is to go into safe mode and renamed one of the files in the crowdstrike directory c-00000291.sys to .rename
So long as you aren't bitlockered, which a lot of corporates will be.
@closey: not sure how to check that bitlockered but even now im at home, tried to turn on my laptop it still give me blue screen. 100% they wont be able to fix mine if i cant even go into windows, right? and yeah bios is locked.
i cant even change few thing on display properties let alone accessing some system files lol@CyberMurning: Bitlock is windows pro. Most likely work laptops would have it to encrypt the drive.
There is stuff on X right now how IT people are going to have to manually fix thousands of computer that is in boot loop because most people don't have admin access to apply the manual fix (delete the file).
It is going to be fun times. I'd suggest people start making appoints with work tech hubs right now because on Monday it is going to be rammed.
Heads are going to roll at Crowdstrike because pretty massive fail!
CrowdStrike recognized as a "dominant endpoint" solution with "superior vision"
Hold my beer
Can't buy beer… Register showing BSOD !!!!
CODE BROWN…
DEFCON 100000000
I was having a meeting with my colleagues and a few people reported they got blue screen at the same time. I immediately offline my laptop and now I am the only person who can work offline :)
Whats fun in working offline… cant check ozb
I download OzBargain each morning as a backup so I can still post, even without internet.
Pornhub is still up. What's the problem people?
TAB down, but Sportsbet still go
Why spbet is fine?
Sportsbet gave me $100 bonus bet for the trouble. Thing is, Iβm overseas so I couldnβt bet without VPN. Flew out with Jetstar on Thursday so I think I was lucky to escape the debacle.
Beautiful day today as many IT managers are screwed big time because of a "Single Point of Failure".
Engineering fail 101.
what single point of failure are you talking about?
A single point of failure (SPOF) is a part of a system that, if it fails, will stop the entire system from working.
Are you up to date on the news?
This is what happens when we have a monopoly.
This is what happens when we have a monopoly.
My computers are all still working fine…
All my systems are running perfectly fine. Crowdstrike has a large marketshare, but nowhere near a monopoly.
Not so much a monopoly as a herd mentality.
I am up to date on the news, it happened to me at 2:40pm, then my peers in the following 10minutes. I happen to work for a managed service company so i saw the calls come in & escalations to oncall teams skyrocket. So yes I am relatively closer to what is happening than most ozbner.
Back to my point this is not really caused by a 'single point of failure', nor does crowdstrike have a monopolistic share of the market. I think you have a different definition of those than me that's all. Wanted to understand.
Will the AFL teams be able to fly interstate for their weekend games now!
Will supporters be able to scan into the game tonight with their digital memberships?
Essendon have confirmed that digital memberships will not be working for tonight's game… π²
https://scontent.fmel10-1.fna.fbcdn.net/v/t39.30808-6/451818β¦
This would never have happened if it was a Collingwood game would it.
Not a Collingwood home game…
True… none of em would be up on the technology… :P
The AFL boss chick on SEN just now said go to GATE 5 for bumbler fans, everyone else - other gates
They need their physical membership cards.
No dramas here
Just horror and comedies…
Cash is King andies are loving today
Cash registers are not opening.
Nah just open them?
The cash only registers at my local coles were the only ones that were open.
Our Coles doesn't have cash only registers.
@jv: I should have said only 3 registers accept cash at my local coles and they were the only ones open.
We decentralised from China successfully, now it is time to decentralise from these Stupid Software Monopolies.
these Stupid Software Monopolies.
which ones?
Crowdstrike, it's basically malware anyway due to how invasive it is.
I don't use them.
Err…i don't think we have decentralised from china at all. And there is no software monopoly. You are using some big wide brush strokes to paint Crowdstrike as some big nefarious company.
I personally don't like Crowdstrike, I have had to tell their ANZ support manager their process sucks in fact, so I am not defending them, but you are sounding like someone that needs to know the details.
There are MANY enterprise security vendors out there (Sophos, ESET, Bitdefender, MS Defender, Trend), and Windows is not the only OS (Mac, Android, Linux and even Java). So I don't understand why you are peddling some monopoly conspiracy.
Saw this workaround on Reddit:
- Boot Windows into Safe Mode or the Windows Recovery Environment
- Navigate to the C:\Windows\System32\drivers\CrowdStrike directory
- Locate the file matching βC-00000291*.sysβ, and delete it.
- Boot the host normally.
For those who are stuck with a corporate computer with CrowdStrike installed.
Like any IT support person with the necessary access is going to apply this fix manually to a user system.
We told ~2000 employees to shut down their systems and go home early.
Most people are going to be massively screwed because they don't have administrative privileges to do that fix… lol.
Especially when you take into account the type of client Crowdstrike has…
Can normal staff with locked company laptop able to do that, or IT can do it for us remotely (but how as i got loop blue screen boot). Or we need to bring our laptop to office and they do it one by one?
@scotty
Can't be done remotely, you can if you can access recovery or safe mode but that might not be possible.
Yeah, and also might have bitlocker installed on those systems too. lol.
Thanks for confirming next monday would be no work with salary!
Thank you Scotty. We are not big in Australia, but have more than 500 windows laptops around the country. Aparently we have to find the bitlocker key and delete the file manually.
Oh boy, all the best.
Business as usual in Japan according to ABC, except McDonalds, lol.
Because they love Trend Micro over there. Good on them.
Crowdstrike were cheeky, pushing out the update on a Friday. lol.
I really hope their company disappears from the face of this earth. lol.
Im tipping plenty of companies will be going elsewhere… but then again IM sure Crowdlemon wont let it happen again
Wont let it happen again…
Until it happens again….Once in a 100 year event.
Becareful of what you wishing for
Most of these anti-malware definition updates are pushed out multiple times every single day. Friday is not special. Unless you want malware vendors to primarily release on Fridays of course.
Whatever happens to Crowdstrike, it probably won't be them next time. (They most likely have learnt their lesson). Just like Optus won't lose everyone's data in the same way next time. π
Just like Optus won't lose everyone's data in the same way next time.
I agree. Optus will find another way to procreate up!
"crowdstrike strikes a crowd strike" should be the headline
FalconStrike takes down planes (and airports)
Legally and financially (lawyers be barrin up now) wonder where this leaves crowdstrike…
It leaves them with a share price down 20% premarket opening.
Hopefully this will put another nail in the coffin of all the digital id and cashless society plans bs.
Negs go your hardest π€£Yep just skip digital bulls and go straight to chip implants on hand, forehead and foot. And retina scanners. Truly cashless and cardless
The brain is already gone in many anyway. Replaced by AI.
Yes, please stop making life better easier and more secure for everyone. I miss living in the mud flats next to the floodplains.
Is that you Shrek?
Sure it made life easier today!!!
Whats a counter-strike?
Skynet became self-aware it had spread into millions of computer servers across the planet. Ordinary computers in office buildings, dorm rooms, everywhere. It was software in cyberspace. There was no system core.
It could not be shut down. The attack began at 4:18 p.m., just as he said it would. Judgment Day. The day the human race was nearly destroyed by weapons they'd built to protect themselves. I should have realized our destiny was never to stop Judgment Day. It was merely to survive it together
Judgment Day. The day the human race was nearly destroyed by weapons they'd built to protect themselves
Mad Max time! The Interceptor is ready and fueled up.
I sure hope those who are fixing people's computers know better than to just delete the files mentioned by some cybersecurity firms.
Crowdstrike basically just dumped a malicious payload on computer systems worldwide. Would you just delete it and go on your merry way? I sure hope we have better standards as professionals.
The systems involved should be deemed to be compromised. Can you guarantee that the update did not affect data integrity? No, you cannot.
#CrowdstrikeIsMalware
Keeping Crowdstrike installed is also a possible threat. How do you know whether there wasn't something dumped which gets re-executed upon being scanned by their own software? Are you really going to trust what they tell you?
Treat the systems as compromised. Do it once, do it well.
- 1
- 2
Outages are being reported globally. Many orgs are affected.