Windows update causes airlines, bank outage

Actually this wouldn't happen if the servers were anything. Imagine you have the luxury of a cloud with infinite redundancy (or at least that is what they say) that doesn't provide redundancy.
 
Windows itself was not the problem here, but an update from CrowdStrike, which is an antivirus for big companies.
But yeah, today's news is scary to read; automatic updates that aren't checked enough before being pushed can have terrible consequences: banks, hospitals, hotels, airlines, etc. all over the world.
 
 
Root cause analysis from CrowdStrike (not Microsoft):

"We understand how this issue occurred and we are doing a thorough root cause analysis to determine how this logic flaw occurred. This effort will be ongoing. We are committed to identifying any foundational or workflow improvements that we can make to strengthen our process. We will update our findings in the root cause analysis as the investigation progresses."

One of the crashed machines to which I attended yesterday did not require removal of the impacted file. This remediation without removal is probably old news by now.
 
It is not a "Windows update" but a software update. It is interesting why, after the first problems in Australia, the update was not stopped.
 
I just watched a video on YT where it was mentioned that the problem was that CrowdStrike released a SYS binary composed only of zeros, and loading it caused a null pointer dereference and thus the crash.
 
According to a news report I read, Microsoft's recommended remedy was to "just keep rebooting it" - probably up to 15 times. Sounds to me like a memory corruption issue and with a bit of luck things straighten themselves out if the memory gods align the stack pointers just right?
 
YouTube stuff "… a kernel mode driver, a .sys file …"

So says someone on YouTube, with fifteen thousand upvotes, but is he correct?

CrowdStrike's blog post is emphatic:

"… Although Channel Files end with the SYS extension, they are not kernel drivers. …"
 
Instead of using Windows 3.11 you could just not install CrowdStrike.

(unless those 3.11 boxes were indeed running CrowdStrike, too)
 
Would this happen if the servers were FreeBSD-based?
I mean every system can be broken but ...

https://www.bbc.com/news/live/cnk4jdwp49et
You are asking about a commercial service. This is the official supported OS list: Supported OS.
FreeBSD is not one of them, so we can talk only hypothetically. Could such software be written for FreeBSD? Yes. Could it cause kernel panic? Yes.

Unfortunately, many corporations/businesses push for having both CrowdStrike and antivirus on Linux boxes. I've seen a fair share of kernel panics caused by either.
 
I hope that a chief technology officer will make a more informed decision.
Of course there will be right decisions made.

But life experience always tells me that most companies' decisions are made by salesmen, and they do not always listen to engineers, nor realize those actually want to prevent greater damage with their "fancy ideas."

Otherwise a lot fewer immature, defective products would be released into nature,
as CrowdStrike itself just proved, again.

As I imagine the current situation in some companies, it's like this:
"Fix it! Fix it! Fix it! Fix it! Fix it! Fix it! Fix it! Fix it!"
"Of course. And we would make a better effort if you stop stressing around uselessly here, but reconsider what to change for the future, instead of killing our nerves. Especially if we don't want to experience the same crap in the future again. Which of course again would not be the first time: I told you so."
"Yeah, yeah, we will see, but now: Fix it!! Fix it!! Fix it!! Fix it!! Fix it!! Fix it!! Fix it!! Fix it!!"
 