Windows update causes airlines, bank outage

So says someone on YouTube, with fifteen thousand upvotes, but is he correct?

CrowdStrike's blog post is emphatic:

"… Although Channel Files end with the SYS extension, they are not kernel drivers. …"
I'm not a sec expert. Instead of throwing sarcasm at me, please if you wish just look at the video and report back. To me it looks pretty legit, maybe you're more experienced than me and can help me understand better. Thanks.
 
Some poor person just had a really bad day. It sounds like it might be a 'career-limiting' issue. I hope whoever it is has got a screenshot of the manager telling him/her not to bother testing it before checking it in, "'coz we have to make the dates".
 
I'm not a sec expert. Instead of throwing sarcasm at me, please if you wish just look at the video and report back. To me it looks pretty legit, maybe you're more experienced than me and can help me understand better. Thanks.
He clearly states that "...the main CrowdStrike driver was loading..." the corrupt .sys file at this point in the video:
View: https://www.youtube.com/watch?v=pCxvyIx922A&t=258s


His analysis of the register state at the time of the crash sounds legit to me, but I'm hardly an expert in such things.
 
Oh dear, a null pointer exception during driver load! How did it ever get shipped like that? Better not ask :D
Was that the bit that ChatGPT wrote, I wonder? I'll deeestroy you, hooomanz.... :rude: bwahahahaha!!!
 
Even harder to understand than the supplier side is the customer side. I read that the supplier TOS explicitly say 'don't use this for serious systems' and still airports and clinics shut down.

What compliance rules do they have, that the TOS could be ignored? This failure is not technical in the first place. That's management ignoring small print, lol.

Update: See https://blog.fefe.de/?ts=98652216&css=https://mro.name/fefe.css for a verbatim quote from the German translation.
Update: English, see 8.6 https://www.crowdstrike.com/terms-conditions/
 
Soo... it's supposed to protect you from 'fancy bear', but you shouldn't use it on any systems that are mission critical, because it's not for 'serious' systems? Ummm... so what use actually is it? And why are we spending money on it? :)
 
Quoted by Richard Speed in The Register:

"… We can't boot into safe mode because our BitLocker keys are stored inside of a service that we can't login to because our AD is down. …"

I'm not without sympathy; however, that's not the fault of CrowdStrike, it sounds like short-sighted planning by systems administrators.

If I choose to have no spare key to my home, then the one and only key is lost: for as long as I'm homeless, it's my fault …
 
