Global Microsoft outage hits due to CrowdStrike Update Definitions

Sure no one thought CrowdStrike would do this either, and yet they did, twice now actually, with Debian/Rocky Linux a few months back and now Windows.

How often has MS released patches that hosed their Server OS or core functionality? Sure, did not take down half the world, but point is big companies take shortcuts all the time.
"Other companies may hypothetically do bad things, so I'm going to stick with a company with a proven track record of doing bad things."

Got it.
 
367 Machines Impacted by this, still getting some trickle in here and there. I worked Friday, Saturday and Monday to get most of em resolved. It's not the worst issue I have ever seen. Just a prior Dell had pushed a BIOS update that bricked over 20 of our Latitude 5420's...
 
367 Machines Impacted by this, still getting some trickle in here and there. I worked Friday, Saturday and Monday to get most of em resolved. It's not the worst issue I have ever seen. Just a prior Dell had pushed a BIOS update that bricked over 20 of our Latitude 5420's...
They didn't brick mine, but FUUUUUCK they took a long time to boot after that one, they just hung at a black screen.
I just left them on and was like well I can't deal with this today so I am going to leave them here and deal with it in the morning, and in the morning they were all sitting at a login screen.
I get I was part of the lucky minority on that batch.
 
"Other companies may hypothetically do bad things, so I'm going to stick with a company with a proven track record of doing bad things."

Got it.

If you keep moving companies you will eventually run out because every company has done bad things at some level. At this point it is pick the least worst one.

CS did really screw the pooch on this one as it seems they pushed the update out bypassing configs to slow release patches customers had in place, which if true, lawsuits are going to be insane for this one.
 
If you keep moving companies you will eventually run out because every company has done bad things at some level. At this point it is pick the least worst one.
No company has done what they've done. I'm not sure what you're defending. The least worst one would be anyone but CrowdStrike.
 
CrowdStrike reportedly sends $10 Uber Eats gift cards to clients as apology for global IT meltdown

In an email addressed to “CrowdStrike partners” obtained by TechCrunch, the embattled cybersecurity firm apologized for “the additional work the July 19 incident has caused”

“To express our gratitude, your next cup of coffee or late night snack is on us!” said the email, which included a promo code for Uber Eats and was reportedly sent in the name of CrowdStrike’s chief business officer Daniel Bernard...

https://techcrunch.com/2024/07/24/crowdstrike-offers-a-10-apology-gift-card-to-say-sorry-for-outage/
 
CrowdStrike reportedly sends $10 Uber Eats gift cards to clients as apology for global IT meltdown

In an email addressed to “CrowdStrike partners” obtained by TechCrunch, the embattled cybersecurity firm apologized for “the additional work the July 19 incident has caused”

“To express our gratitude, your next cup of coffee or late night snack is on us!” said the email, which included a promo code for Uber Eats and was reportedly sent in the name of CrowdStrike’s chief business officer Daniel Bernard...

https://techcrunch.com/2024/07/24/crowdstrike-offers-a-10-apology-gift-card-to-say-sorry-for-outage/
Are you sure this is not The Onion????????

On Wednesday, some of the people who posted about the gift card said that when they went to redeem the offer, they got an error message saying the voucher had been canceled. When TechCrunch checked the voucher, the Uber Eats page provided an error message that said the gift card “has been canceled by the issuing party and is no longer valid.”

CrowdStrike did not immediately respond to a request for comment.
 
CrowdStrike reportedly sends $10 Uber Eats gift cards to clients as apology for global IT meltdown

In an email addressed to “CrowdStrike partners” obtained by TechCrunch, the embattled cybersecurity firm apologized for “the additional work the July 19 incident has caused”

“To express our gratitude, your next cup of coffee or late night snack is on us!” said the email, which included a promo code for Uber Eats and was reportedly sent in the name of CrowdStrike’s chief business officer Daniel Bernard...

https://techcrunch.com/2024/07/24/crowdstrike-offers-a-10-apology-gift-card-to-say-sorry-for-outage/
That is unimaginably pathetic.


Are you sure this is not The Onion????????

On Wednesday, some of the people who posted about the gift card said that when they went to redeem the offer, they got an error message saying the voucher had been canceled. When TechCrunch checked the voucher, the Uber Eats page provided an error message that said the gift card “has been canceled by the issuing party and is no longer valid.”

CrowdStrike did not immediately respond to a request for comment.
haha-so.gif
 
Are you sure this is not The Onion????????

On Wednesday, some of the people who posted about the gift card said that when they went to redeem the offer, they got an error message saying the voucher had been canceled. When TechCrunch checked the voucher, the Uber Eats page provided an error message that said the gift card “has been canceled by the issuing party and is no longer valid.”

CrowdStrike did not immediately respond to a request for comment.
Even the gift card blue screened...

Fuck CrowdStrike
 
Is it true that this type of software only has access to the kernel due to legislation? Would it be as effective if it ran at user level?

It is conceivable that advanced tracing frameworks like DTrace and eBPF could provide the functionality required here. If not now then you could possibly make them so.

But this goes back to Windows being closed source. In Linux or BSD CrowdStrike themselves could expand these frameworks. For Windows their only option is to beg MS and hope for the best. So a kernel module it is.
 
They didn't brick mine, but FUUUUUCK they took a long time to boot after that one, they just hung at a black screen.
I just left them on and was like well I can't deal with this today so I am going to leave them here and deal with it in the morning, and in the morning they were all sitting at a login screen.
I get I was part of the lucky minority on that batch.
The Dell BIOS bricking is still an ongoing issue. I just got removed from that support case by my peers because I'm too much of a hardass with Dell. I have replaced 50 machines en masse in a text chat without jumping through hoops, and this time an executive was in the email chain and thought I was being mean to Dell telling them I shouldn't have to send them 10 pictures of the front and backs of 5 Bricked BIOS machines in order to get them replaced and to prove we didn't beat the laptops to death... SO, I am so old school and have zero patience with the foreign tech support teams at Dell that ... I guess I just no longer fit in with modern politics and sentiments in IT departments. I try to get shit done, not sit on my fucking hands for weeks while Dell techs dick around. But I am no longer wanted for that kind of service and support apparently.

As for the CrowdStrike issue, I just had one that didn't manifest until after deployment. The update downloaded during the imaging process and didn't manifest until the user had fully built the machine up and activated it. Once all the software modules loaded and the security profiles hit, took the machine out hard. I just entered the BitLocker code SEVEN times in order to get it to the point where I could reach the command prompt and delete the c-00000291*.sys file. This is the first one in 2 days, so hopefully we got most of em. Though I did see another tech request a BitLocker key a couple min ago...

It was nasty, but we got through it. I need a new job though, I am tired of this place and being an IT contractor here blows.....
 
The Dell BIOS bricking is still an ongoing issue. I just got removed from that support case by my peers because I'm too much of a hardass with Dell. I have replaced 50 machines en masse in a text chat without jumping through hoops, and this time an executive was in the email chain and thought I was being mean to Dell telling them I shouldn't have to send them 10 pictures of the front and backs of 5 Bricked BIOS machines in order to get them replaced and to prove we didn't beat the laptops to death... SO, I am so old school and have zero patience with the foreign tech support teams at Dell that ... I guess I just no longer fit in with modern politics and sentiments in IT departments. I try to get shit done, not sit on my fucking hands for weeks while Dell techs dick around. But I am no longer wanted for that kind of service and support apparently.

As for the CrowdStrike issue, I just had one that didn't manifest until after deployment. The update downloaded during the imaging process and didn't manifest until the user had fully built the machine up and activated it. Once all the software modules loaded and the security profiles hit, took the machine out hard. I just entered the BitLocker code SEVEN times in order to get it to the point where I could reach the command prompt and delete the c-00000291*.sys file. This is the first one in 2 days, so hopefully we got most of em. Though I did see another tech request a BitLocker key a couple min ago...

It was nasty, but we got through it. I need a new job though, I am tired of this place and being an IT contractor here blows.....
I'm with you and I guess I'm old school too, vendors suck and they should be treated as such until they prove they are not a typical vendor.
 
Is it

$10 per PC
$10 per organization
$10 per person
Or any other methodology ???
Total guess here as my stuff doesn't use CS, but I would assume it's $10 per customer account main contact at CS. I didn't see a copy of this email so I don't know. Per PC/Server or per person would bankrupt them.

This makes AT&T's "here's your $5 credit for not having a cell phone for 10 hours" seem like a deal.
 
$10 appreciation voucher is a huge f slap in the face. This outage is one of the most unprecedented, large scale outages in IT history.
The losses $$ ... Could they be in the billions?
 
I need a new job though, I am tired of this place and being an IT contractor here blows.....
Maybe some of the other IT pros here in this forum can help you out here? Maybe they could PM you with info. I wish I could, but I'm not an IT pro, and I recently retired. Things move so fast these days that my knowledge of the job market is way out of date.
 
Maybe some of the other IT pros here in this forum can help you out here? Maybe they could PM you with info. I wish I could, but I'm not an IT pro, and I recently retired. Things move so fast these days that my knowledge of the job market is way out of date.
Nice of you to say. The job market is so hard to get hired in these days... I am applying but some of it I am gonna have to wait a while for. Applied at Cleveland Cliffs recently, but I heard you typically don't hear back from them for about a year unless they think you're hot shit. I'm not. I'm just an old, tired, technician that was once a Project Manager and got burnt out doing infrastructure work. Now I work as a field services tech/engineer and help desk at BP in NW Indiana. I hate Chicago, almost nothing can get me to take a job there unless it pays more money than god. The drive is nasty, the trains aren't safe and Chicago is a corrupt, dangerous, shithole that's been run into the ground with bad politics.

I'm looking at something called Field Nation, one of the techs here is making 60 bucks an hour working as a 1099 employee... Doesn't sound too bad, even if I don't make that much. https://fieldnation.com/

I would be moving from stability to whatever contract I could be placed in ... Not sure I want to do that, but money talks and ...
 
Nice of you to say. The job market is so hard to get hired in these days... I am applying but some of it I am gonna have to wait a while for. Applied at Cleveland Cliffs recently, but I heard you typically don't hear back from them for about a year unless they think you're hot shit. I'm not. I'm just an old, tired, technician that was once a Project Manager and got burnt out doing infrastructure work. Now I work as a field services tech/engineer and help desk at BP in NW Indiana. I hate Chicago, almost nothing can get me to take a job there unless it pays more money than god. The drive is nasty, the trains aren't safe and Chicago is a corrupt, dangerous, shithole that's been run into the ground with bad politics.

I'm looking at something called Field Nation, one of the techs here is making 60 bucks an hour working as a 1099 employee... Doesn't sound too bad, even if I don't make that much. https://fieldnation.com/

I would be moving from stability to whatever contract I could be placed in ... Not sure I want to do that, but money talks and ...
“Delta CEO Says CrowdStrike-Microsoft Outage Cost the Airline $500 Million
Delta Air Lines CEO Ed Bastian said the massive IT outage earlier this month that stranded thousands of customers will cost it $500 million. From a report: Bastian said the figure is representative of not just the lost revenue, but "the tens of millions of dollars per day in compensation and hotels" over a period of five days. The airline canceled more than 4,000 flights in the wake of the outage, which was caused by a botched CrowdStrike software update and took thousands of Microsoft systems around the world offline. The company had to manually reset 40,000 servers, Bastian said. Further reading: Delta Seeks Damages From CrowdStrike, Microsoft After Outage.”
 
“Delta CEO Says CrowdStrike-Microsoft Outage Cost the Airline $500 Million
Delta Air Lines CEO Ed Bastian said the massive IT outage earlier this month that stranded thousands of customers will cost it $500 million. From a report: Bastian said the figure is representative of not just the lost revenue, but "the tens of millions of dollars per day in compensation and hotels" over a period of five days. The airline canceled more than 4,000 flights in the wake of the outage, which was caused by a botched CrowdStrike software update and took thousands of Microsoft systems around the world offline. The company had to manually reset 40,000 servers, Bastian said. Further reading: Delta Seeks Damages From CrowdStrike, Microsoft After Outage.”
They can seek compensation, that's in their right, but they won't be able to.
The fact it took them so long is a failure on their part, they should have had better management tools in place.
CrowdStrike is going to lose that client either way.
 
The fact it took them so long is a failure on their part
Not sure how any of this is their fault. Client PCs at airports aren't just readily accessible to an IT team. What would your solution be lol
 
Not sure how any of this is their fault. Client PCs at airports aren't just readily accessible to an IT team. What would your solution be lol
Plenty of solutions exist for that, why are the machines not equipped with an inline IPMI, iDRAC, iLO, BMC, etc. interface?
The PC could be off but as long as it has power you can access it over a secured connection, for remote management, complete with virtual USB, keyboard, and mouse input, you can access system files and BIOS.
From there they could re-image the whole machine if they needed to, but using it to get system file access to delete the one file they needed would be simple.
There are cluster managers available for those interfaces, they take command line input; use the manager to log into all the PCs contained in the cluster, script out the removal of that file, and push it out to all the devices in the cluster.

I might only have a few dozen servers, but I have had plenty of updates over the last 2 decades that have mass-borked machines and I can't imagine not using an IPMI interface to deal with those sorts of situations.

Desktops I have the bulk of them doing this through Intel Management Engine, though that is very limited.
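
An added example, not part of the post above or of any vendor tooling: once a rescue image has been booted over the BMC's virtual media as described, the file removal itself can be scripted like this. It assumes the Windows volume is already BitLocker-unlocked and mounted at the given path, and it uses the driver directory named in CrowdStrike's published workaround; the function names are illustrative.

```shell
#!/bin/sh
# Added example (not from the thread): remove the faulty channel file from an
# offline Windows volume mounted in a rescue environment.
# Assumption: the volume is already unlocked and mounted read-write.

# File pattern from the thread (c-00000291*.sys) inside the CrowdStrike driver
# directory. Matched case-insensitively, since NTFS keeps the installer's case.
CHANNEL_PATTERN='*/windows/system32/drivers/crowdstrike/c-00000291*.sys'

# find_channel_files MOUNTPOINT: print matching files, one per line.
find_channel_files() {
    # Depth 5 = Windows/System32/drivers/CrowdStrike/<file>, so copies of the
    # file elsewhere on the volume are never touched.
    find "$1" -mindepth 5 -maxdepth 5 -type f -ipath "$CHANNEL_PATTERN" 2>/dev/null
}

# remediate_volume MOUNTPOINT [--apply]
# Dry run unless --apply is given. Progress goes to stderr; the number of
# files matched is printed on stdout so callers can aggregate per host.
remediate_volume() {
    vol=$1
    mode=${2:-dry-run}
    if [ ! -d "$vol" ]; then
        echo "not a directory: $vol" >&2
        return 2
    fi
    files=$(find_channel_files "$vol")
    if [ -z "$files" ]; then
        echo "no matching channel file under $vol" >&2
        echo 0
        return 0
    fi
    count=0
    while IFS= read -r f; do
        count=$((count + 1))
        if [ "$mode" = "--apply" ]; then
            rm -f -- "$f" && echo "removed: $f" >&2
        else
            echo "would remove: $f" >&2
        fi
    done <<EOF
$files
EOF
    echo "$count"
}

# Stand-alone use: ./script.sh /mnt/windows [--apply]
if [ "$#" -gt 0 ]; then
    remediate_volume "$@"
fi
```

Running it without `--apply` first gives a per-host list of what would be removed, which is worth keeping as a record before the change is pushed to a whole cluster.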
 
They can seek compensation, that's in their right, but they won't be able to.
The fact it took them so long is a failure on their part, they should have had better management tools in place.
CrowdStrike is going to lose that client either way.
If they do end up in court, I don't think CrowdStrike's defense would be 'u should have been better prepared yourself for us to screw up!' lol

But yea they won't have to pay much due to terms/contract etc I would guess. Maybe some refund on what they already paid
 
“Delta CEO Says CrowdStrike-Microsoft Outage Cost the Airline $500 Million
Delta Air Lines CEO Ed Bastian said the massive IT outage earlier this month that stranded thousands of customers will cost it $500 million. From a report: Bastian said the figure is representative of not just the lost revenue, but "the tens of millions of dollars per day in compensation and hotels" over a period of five days. The airline canceled more than 4,000 flights in the wake of the outage, which was caused by a botched CrowdStrike software update and took thousands of Microsoft systems around the world offline. The company had to manually reset 40,000 servers, Bastian said. Further reading: Delta Seeks Damages From CrowdStrike, Microsoft After Outage.”

And yet they were willingly running Windows with complex extra software inside the kernel.

From a system architecture standpoint it was a matter of when, not if, something like this happened.

Also, Unix-like systems would only need a serial console (or a virtual one) to recover from a boot failure due to a panic in an early loaded kernel module. Just making the system headless with no console at all and hoping for the best is not a winning strategy.
 
If they do end up in court, I don't think CrowdStrike's defense would be 'u should have been better prepared yourself for us to screw up!' lol

But yea they won't have to pay much due to terms/contract etc I would guess. Maybe some refund on what they already paid
Right but what if a Windows update had done this, or a routine driver update, or any sort of software update?

What if a huge zero day was discovered and they needed to do mass patching.

This pointed out who does and doesn’t have good disaster recovery tools and procedures in place.
Lots of places got caught with their pants down.
CrowdStrike's reputation is basically garbage now, and they are going to lose a lot of customers. But I doubt any of their clients can get much from them. Refund on their remaining contract term and a waiver of the early cancellation fees certainly but unlikely anything beyond that.

I mean, if anybody understands a minor change fucking over travel plans it should be them. You would think the airlines would be a lot more understanding of the situation….
 
Right but what if a Windows update had done this, or a routine driver update, or any sort of software update?

What if a huge zero day was discovered and they needed to do mass patching.

This pointed out who does and doesn’t have good disaster recovery tools and procedures in place.
Lots of places got caught with their pants down.
CrowdStrike's reputation is basically garbage now, and they are going to lose a lot of customers. But I doubt any of their clients can get much from them. Refund on their remaining contract term and a waiver of the early cancellation fees certainly but unlikely anything beyond that.
There was a Windows update that wiped people's hard drives. Even though CrowdStrike is full of morons, you're right that people need to have better disaster recovery implementations in place. Microsoft famously has horrendous update issues.
 
Right but what if a Windows update had done this, or a routine driver update, or any sort of software update?

What if a huge zero day was discovered and they needed to do mass patching.

This pointed out who does and doesn’t have good disaster recovery tools and procedures in place.
Lots of places got caught with their pants down.
CrowdStrike's reputation is basically garbage now, and they are going to lose a lot of customers. But I doubt any of their clients can get much from them. Refund on their remaining contract term and a waiver of the early cancellation fees certainly but unlikely anything beyond that.

I mean, if anybody understands a minor change fucking over travel plans it should be them. You would think the airlines would be a lot more understanding of the situation….

CrowdStrike is sued by shareholders over huge software outage

https://www.reuters.com/legal/crowd...holders-over-huge-software-outage-2024-07-31/

 
The shareholders hired Pomerantz LLP, and they are investigating claims on behalf of investors of CrowdStrike Holdings, Inc.
The investigation concerns whether CrowdStrike and certain of its officers and/or directors have engaged in securities fraud or other unlawful business practices.

The class action is to recoup costs for CrowdStrike's investors, but it has nothing to do with their clients.
Clients are going to get the shaft, more so now.
 
“Delta CEO Says CrowdStrike-Microsoft Outage Cost the Airline $500 Million
Delta Air Lines CEO Ed Bastian said the massive IT outage earlier this month that stranded thousands of customers will cost it $500 million. From a report: Bastian said the figure is representative of not just the lost revenue, but "the tens of millions of dollars per day in compensation and hotels" over a period of five days. The airline canceled more than 4,000 flights in the wake of the outage, which was caused by a botched CrowdStrike software update and took thousands of Microsoft systems around the world offline. The company had to manually reset 40,000 servers, Bastian said. Further reading: Delta Seeks Damages From CrowdStrike, Microsoft After Outage.”
Yeah, I know it hammered BP Globally. We had techs working round the clock trying to unlock systems and restore the business. I am STILL getting walk-ins with CrowdStrike issues as latecomers and remote users show up with their laptops "I have a frowny face on my PC".... Jesus... Normies will be the death of me. He's talking about a BSOD. lol
 