The Verge: https://www.theverge.com/2024/7/19/24201864/crowdstrike-outage-explained-microsoft-windows-bsod
Tech

What happened with CrowdStrike?

admin

The Microsoft Effect of the Friday Night CrowdStrike Update on Internet Infrastructure and Computing Systems: Analyzing the Microsoft End-User Experience

Two internet infrastructure disasters on Friday caused disruptions in airports, trains, banks, hotels, television stations, and more. On Thursday night, the cloud platform was down. The situation became perfect when the CrowdStrike release of the flawed software update caused computers to go into a cascading state of disrepair. A Microsoft spokesperson tells WIRED that the two IT failures are unrelated.

The fix, for many, won’t be easy. IT admins are still trying to use an initial workaround, which involves a Windows system going into safe mode and then reverting to its normal state.

These steps force Windows to boot into a Safe Mode environment where third-party drivers like CrowdStrike’s kernel-level driver aren’t able to load. IT admins then have to locate the faulty driver on the disk and delete it. This workaround requires, in most cases, physical access to a machine. In some environments, it is not easy to wipe out the faulty driver because of BitLocker or lack of admin rights.

CrowdStrike’s update server and content delivery networks are likely being hammered by the millions of machines reaching its servers for an update, so it may take some time for the reboot method to work.

In that interview, Kurtz apologized for the damage that the CrowdStrike update had done, but there will undoubtedly be questions about how many machines around the world were affected by the update.

Tuning Notepad – A monthly newsletter covering Microsoft’s bets on AI, games, and computing, and the case of CrowdStrike

Sign up for Notepad by Tom Warren, a weekly newsletter uncovering the secrets and strategy behind Microsoft’s era-defining bets on AI, gaming, and computing. Subscribe to get the latest straight to your inbox.

CrowdStrike is a company that helps companies find and prevent security breeches by having the “fastest mean time” to detect threats. Since its launch in 2011, the Texas-based company has helped investigate major cyberattacks, such as the Sony Pictures hack in 2014, as well as the Russian cyberattacks on the Democratic National Committee in 2015 and 2016. CrowdStrike was worth up to $83 billion as of Thursday evening.

The outages could result in “millions” being lost by organizations impacted who have had to halt their operations or stop business, says Lukasz Olejnik, an independent cybersecurity consultant, who says the CrowdStrike update appears to be linked to its Falcon Sensor product. The Falcon system is part of CrowdStrike’s security tools and can block attacks on systems, according to the company.

It seems that the update installed faulty software onto the core Windows operating system which caused systems to get stuck in a boot loop. Systems are showing an error message that says, “It looks like Windows didn’t load correctly,” while giving users the option to try troubleshooting methods or restart the PC. The airline in India has been using the good old-fashioned way of doing things.

The Verge on IT Outages: How Computers Come Into Being: An Australian Cyber Security Expert Reveals the Case of a Worldwide Workstation Outage

“Our software is extremely interconnected and interdependent,” Lukasz Olejnik, an independent cybersecurity researcher, consultant, and author of the book Philosophy of Cybersecurity, tells The Verge. There are a lot of single points of failure, particularly when there is a software monoculture.

Although CrowdStrike has deployed a fix, getting things up and running won’t be a simple task. Olejnik tells The Verge that this issue could take “days to weeks” to resolve because IT administrators may have to have physical access to a device to get them working again. The size and resources of a companys IT team are used to determine how fast that happens. “Some systems in certain specific circumstances may be unrecoverable, but I assume that the majority will be recovered,” Olejnik adds.

Australian banks, airlines, and TV broadcasters first raised the alarm as thousands of machines started to go offline. The issues are now spreading, as businesses based in Europe are starting their working days. UK broadcaster Sky News is currently unable to broadcast its morning news bulletins, and is showing a message apologizing for “the interruption to this broadcast.” One of the biggest airlines in Europe, Ryanair, says it is having a third-party IT issue impacting flight departures.

All flights from Delta, United, and American Airlines are in the air according to the FAA. Travel delays are warned by the Berlin airport. Many 911 emergency call centers in Alaska have also been impacted by the issues.

“It’s the biggest case in history—we’ve never had a worldwide workstation outage like this,” says Mikko Hyppönen, the chief research officer at cybersecurity company WithSecure. According to hypnotisn, widespread outages were more common around a decade ago due to the spread of worms. Over the last year or two, global outages have become a consequence of cloud providers such as Amazon Web Services, internet cable cuts, or root cause issues in systems.

Several issues with Microsoft’s applications and services are being fixed in what appears to be a separate outage. The change in configuration of a portion of the infrastructure is the root cause of those issues.

Banks, airports, TV stations, hotels, and countless other businesses are all facing widespread IT outages, leaving flights grounded and causing widespread disruption, after Windows machines have displayed errors worldwide.

The Digital Cataclysmic Event: How Digital Crime has Been Triggered by Viruses, Malware and Trojans?

Microsoft stated in a statement that it was aware of issues with Windows devices and that a resolution would be forthcoming.

A huge knock-on impact on public services and businesses has been caused by the CrowdStrike update. Scores of airports are facing delays and long queues, with one passenger in India sharing a hand-written boarding pass that they have been issued.

The Slammer worm of 2003 was one of the few times that a single piece of code has been enough to wreck a computer system. Russia’s Ukraine-targeted NotPetya cyberattack. North Korea has a self-spreading virus. The ongoing digital catastrophe that crippled the internet and IT infrastructure worldwide over the last 12 hours appears to have been triggered by software designed to stop the hackers, not by malicious code.

In, ,
Previous post Around the world computers have been taken Down by Microsoft Outage and CrowdStrike
Next post Silicon Valley’s billionaire Elegy and Donald Trump

More Stories

Microsoft has created a new collaborative artificial intelligence playground called Copilot Pages

admin

Microsoft’s AI Assistant Copilot will be coming to Microsoft Teams and OneDrive later this month. As part of the announcement, Microsoft is also adding Python support to Excel to allow users to use it to conduct advanced analysis on spreadsheet data using natural language. Copilot will summarize conversations that happened in text chat and spoken ones in meetings later this month.

NASA’s Starliners don’t feel let down by Boeing

admin

NASA astronauts Suni Williams and Butch Wilmore, who were stranded in space for over two months due to technical issues with their Boeing Starliner spacecraft, have said they are still positive. The extended stay in space was caused by the technical issues with their ship, which was supposed to be a final test flight before Starliner would be certified for regular use in missions.

The seismologists couldn’t figure out what the weird signal was from the mega-landslide

admin

Researchers claim to have solved the mystery behind a tsunami in Greenland’s Dickson fjord last year. “The landslides produced a seiche that generated a striking seismological signature,” Columbia University geophysicist Gran Ekstrm said. “We definitely expect the frequency of landslides and tsunamis to increase in the Arctic as a result of global warming,” he added.

Famed Pacific island’s population is not real

admin

A new species of parasitoid wasp has been discovered in a Rapa Nui fruit fly, researchers have said. The new species, identified as melanogaster, infects the fly, which is known to be a model organism for the ecocide theory that claims Rapa Nui’s inhabitants were behind the impact of European settlement. It was found to carry DNA from the ancient Rapanui people.