Faulty Windows Update from CrowdStrike Hits Banks and Airlines Around the World

btarunr · Jul 19, 2024

A faulty software update to enterprise computers by cybersecurity firm CrowdStrike has taken millions of computers offline, most of which are in a commercial or enterprise environment, or are Azure deployments. CrowdStrike provides periodic software and security updates to commercial PCs, enterprise PCs, and cloud instances, with a high degree of automation. The latest update reportedly breaks the Windows bootloader, causing bluescreens of death (BSODs), and if configured, invokes Windows Recovery. Enterprises tend to bulletproof the bootloaders of their client machines, and disable generic Windows Recovery tools from Microsoft, which means businesses around the world are left with large numbers of machines that will each take manual fixing. The so-called "Windows CrowdStrike BSOD deluge" has hit critical businesses such as banks, airlines, supermarket chains, and TV broadcasters. Meanwhile, sysadmins on Reddit are wishing each other a happy weekend.

View at TechPowerUp Main Site | Source

Anoniem · Jul 19, 2024

Well, happy weekend other sys admins out there

Glad we don’t use CrowdStrike services/solutions.

wolf · Jul 19, 2024

Complete meltdown in Perth WA. Banks offline, grocery stores offline, a bloke couldn't get his zinger box from KFC after he knocked off. Triple J (radio) playing back to back bangers from a USB drive.

Feels like just about the only place not impacted was my workplace :fear:

N3utro · Jul 19, 2024

Good update management in a medium to large scale enterprise is to have multiple rings of deployment: the IT lab, the IT department users, non critical departments, critical ones. You never deploy windows updates directly, you manage your rings with WSUS. Bad management from these companies.

Assimilator · Jul 19, 2024

This doesn't just affect sysadmins, it affects anyone who uses a third party that uses Crowdstrike... ASK ME HOW I KNOW.

Microsoft's 365 platform is also having a bit of a wobble due to a seemingly unrelated issue with a configuration SNAFU in Azure.

N3utro said:
Good update management in a medium to large scale enterprise is to have multiple rings of deployment: the IT lab, the IT department users, non critical departments, critical ones. You never deploy windows updates directly, you manage your rings with WSUS. Bad management from these companies.

The whole point of providers like Crowdstrike is that part of the service fee is for them to do that verification, so that you don't have to. Without such providers, small companies with minimal IT departments couldn't exist.

N3utro · Jul 19, 2024

Assimilator said:
This doesn't just affect sysadmins, it affects anyone who uses a third party that uses Crowdstrike... ASK ME HOW I KNOW.

Microsoft's 365 platform is also having a bit of a wobble due to a seemingly unrelated issue with a configuration SNAFU in Azure.

The whole point of providers like Crowdstrike is that part of the service fee is for them to do that verification, so that you don't have to. Without such providers, small companies with minimal IT departments couldn't exist.

"banks, airlines, supermarket chains," these are not small companies

cerulliber · Jul 19, 2024

Monday hirings QA at Crowdstrike and get 10x ROI. share prices increased. problem fixed, just don't be greed.

Crackong · Jul 19, 2024

Windows Update breaks things.

First time? . jpg

WonkoTheSaneUK · Jul 19, 2024

Pour one out for sysadmins, who have just learned that the fix is to log into each affected PC one at a time and delete the single bad file from each one.
It's going to be a loooooooooooooooooooooooooooooooooooooooong day for those in bigger organizations!

Chaitanya · Jul 19, 2024

MS needs a good screwing over and Windows needs to be offline like good old Win 7(and older).

AnarchoPrimitiv · Jul 19, 2024

N3utro said:
Good update management in a medium to large scale enterprise is to have multiple rings of deployment: the IT lab, the IT department users, non critical departments, critical ones. You never deploy windows updates directly, you manage your rings with WSUS. Bad management from these companies.

Wouldn't be surprised if they fired a bunch of the people responsible for that to increase quarterly earnings.

Onasi · Jul 19, 2024

Crackong said:
Windows Update breaks things.

Chaitanya said:
MS needs a good screwing over and Windows needs to be offline like good old Win 7(and older).

I love to bag on MS just as the next guy, but it isn’t about them this time around.

JcRabbit · Jul 19, 2024

Judging by the chaos out there, this is what the Y2K bug could have been, but wasn't (because we made sure on time that it would not turn into anything like this - and thus it became a non event).

ErikG · Jul 19, 2024

Solution:

Boot Windows into Safe Mode or the Windows Recovery Environment
Navigate to the C:\Windows\System32\drivers\CrowdStrike directory
Locate the file matching “C-00000291*.sys”, and delete it.
Boot the host normally.

Dazz023 · Jul 19, 2024

Crackong said:
Windows Update breaks things.

First time? . jpg

Just clickbait headline to attract anti-MS crowd.

the54thvoid · Jul 19, 2024

Dazz023 said:
Just clickbait headline to attract anti-MS crowd.

Not really - the header implicitly says,

Faulty Windows Update from CrowdStrike

It's blaming Crowdstrike.

Assimilator · Jul 19, 2024

N3utro said:
"banks, airlines, supermarket chains," these are not small companies

But they are capitalist companies, and capitalism is all about maximising profits, and that means buying as little equipment as possible and hiring as few people as possible.

Onasi said:
I love to bag on MS just as the next guy, but it isn’t about them this time around.

You're expecting the anti-Microsoft crowd to be capable of basic reading comprehension...

the54thvoid said:
Not really - the header implicitly says,

It's blaming Crowdstrike.

It still implies it's somehow to do with Windows Update, though. A better headline would be "Windows security vendor releases faulty product update, hits banks and airlines around the world".

Shou Miko · Jul 19, 2024

ErikG said:
Solution:

Boot Windows into Safe Mode or the Windows Recovery Environment

Navigate to the C:\Windows\System32\drivers\CrowdStrike directory

Locate the file matching “C-00000291*.sys”, and delete it.

Boot the host normally.

I already heard this didn't work for everyone including the registery fix.

I checked serveral Windows 10 installations at work incl. the one I use at work and I haven't found anything and a lot of my customers are running Windows 11 so hope they are more safe than Windows 10 users.

the54thvoid said:
It's blaming Crowdstrike.

Correct.

Kn0xxPT · Jul 19, 2024

and then MS wants people move to Cloud Based systems .....
... lets ruin everyones day because of a "online bug" ....

Chomiq · Jul 19, 2024

Assimilator said:
But they are capitalist companies, and capitalism is all about maximising profits, and that means buying as little equipment as possible and hiring as few people as possible.

You're expecting the anti-Microsoft crowd to be capable of basic reading comprehension...

It still implies it's somehow to do with Windows Update, though. A better headline would be "Windows security vendor releases faulty product update, hits banks and airlines around the world".

Yeah, pretty much every news headline has MS logo in it but yeah, this is a CrowdStrike issue.

DeathtoGnomes · Jul 19, 2024

Someone at CrowdStrike is getting bent over the desk.

I bet IT people will be creating better recovery drives/discs after this blunder. I wonder if they heard of a thing called, QA.

"this wouldnt have happened if AI did all the work"

katzi · Jul 19, 2024

Crackong said:
Windows Update breaks things.

First time? . jpg

Imagine blaming microsoft/windows update, for a 3rd party security software bricking windows.

Onasi · Jul 19, 2024

Kn0xxPT said:
and then MS wants people move to Cloud Based systems .....
... lets ruin everyones day because of a "online bug" ....

*sigh* It’s not MS. It’s not about cloud based OS. It’s about a separate, non-MS affiliated cybersecurity firm pushing out a scuffed update for their endpoint enterprise solution that corrupted Windows boot-loader for their clients. It literally doesn’t affect anyone on a consumer level personally.

efikkan · Jul 19, 2024

Running Windows on critical systems, especially connected to the Internet and receiving automatic updates causing a global outage of numerous services, who saw this one coming? (trigger warning: sarcasm)

Having client PCs go offline may not be surprising, but seeing banks, traders, airlines, media companies etc., having their central services being offline from an update, that's just ridiculous. Come on guys, it's not 1995 any more, this level of incompetence isn't excusable. If you're making billions you can afford having properly trained staff and a properly managed tech "stack" with whatever appropriate failovers, backups, recovery images/procedures, etc. is needed to ensure reliability and security.

And yes, Microsoft certainly deserves blame for how easily their systems break, and for how tedious it is to roll back.

Thanks to CrowdStrike for accidentally revealing which companies who doesn't know how to handle their tech.

Daven · Jul 19, 2024

Is it just me or do others think critical IT and society infrastructure services need to switch from Windows to Linux?

I don’t want this to be last thing I see before I die.

System Name	RBMK-1000
Processor	AMD Ryzen 7 5700G
Motherboard	Gigabyte B550 AORUS Elite V2
Cooling	DeepCool Gammax L240 V2
Memory	2x 16GB DDR4-3200
Video Card(s)	Galax RTX 4070 Ti EX
Storage	Samsung 990 1TB
Display(s)	BenQ 1440p 60 Hz 27-inch
Case	Corsair Carbide 100R
Audio Device(s)	ASUS SupremeFX S1220A
Power Supply	Cooler Master MWE Gold 650W
Mouse	ASUS ROG Strix Impact
Keyboard	Gamdias Hermes E2
Software	Windows 11 Pro

System Name	C₂H₅OH
Processor	AMD Ryzen 7 9800X3D 5,45GHz Alphacool Core 1 Black
Motherboard	ASUS ROG Crosshair X670E GENE
Cooling	Custom loop - MO-RA3 420 & 360 Pro - Heatkiller 200 & 150 D5 pump/res combo
Memory	G.Skill Trident Z5 RGB F5-8000J4048F24GX2 8GHz 36-44-44
Video Card(s)	MSI RTX 4090 Suprim X Alphacool block
Storage	Samsung 980 Pro 1TB - Intel 660 Pro 2TB
Display(s)	Asus PG27AQDM 240Hz OLED
Case	Streacom BC1 Silver
Audio Device(s)	Topping DX7Pro - Topping A90 - Hifiman Ananda - Focal Elear - Focal Radiance - Adam A5X & Adam Sub 7
Power Supply	Corsair HX1200
Mouse	Logitech G Pro Wireless
Keyboard	Ducky One 2 SF White MX Speed Silver / Logitech MX Mechanical
Software	Windows 11 Pro

System Name	MightyX
Processor	Ryzen 9800X3D
Motherboard	Gigabyte B650I AX
Cooling	Scythe Fuma 2
Memory	32GB DDR5 6000 CL30 tuned
Video Card(s)	Palit Gamerock RTX 5080 oc
Storage	WD Black SN850X 2TB
Display(s)	LG 42C2 4K OLED
Case	Coolermaster NR200P
Audio Device(s)	LG SN5Y / Focal Clear
Power Supply	Corsair SF750 Platinum
Mouse	Corsair Dark Core RBG Pro SE
Keyboard	Glorious GMMK Compact w/pudding
VR HMD	Meta Quest 3
Software	case populated with Artic P12's
Benchmark Scores	4k120 OLED Gsync bliss

System Name	1080p 144hz
Processor	7800X3D
Motherboard	Asus X670E crosshair hero
Cooling	Noctua NH-D15
Memory	G.skill flare X5 2*16 GB DDR5 6000 Mhz CL30
Video Card(s)	Nvidia RTX 4070 FE
Storage	Western digital SN850 1 TB NVME
Display(s)	Asus PG248Q
Case	Phanteks P600S
Audio Device(s)	Logitech pro X2 lightspeed
Power Supply	EVGA 1200 P2
Mouse	Logitech G PRO
Keyboard	Logitech G710+
Software	Windows 11 24H2
Benchmark Scores	https://www.3dmark.com/sw/1143551

System Name	Firelance.
Processor	Threadripper 3960X
Motherboard	ROG Strix TRX40-E Gaming
Cooling	IceGem 360 + 6x Arctic Cooling P12
Memory	8x 16GB Patriot Viper DDR4-3200 CL16
Video Card(s)	MSI GeForce RTX 4060 Ti Ventus 2X OC
Storage	2TB WD SN850X (boot), 4TB Crucial P3 (data)
Display(s)	Dell S3221QS(A) (32" 38x21 60Hz) + 2x AOC Q32E2N (32" 25x14 75Hz)
Case	Enthoo Pro II Server Edition (Closed Panel) + 6 fans
Power Supply	Fractal Design Ion+ 2 Platinum 760W
Mouse	Logitech G604
Keyboard	Razer Pro Type Ultra
Software	Windows 10 Professional x64

Faulty Windows Update from CrowdStrike Hits Banks and Airlines Around the World

btarunr

Editor & Senior Moderator

Anoniem

wolf

Better Than Native

N3utro

Assimilator

N3utro

cerulliber

Crackong

WonkoTheSaneUK

Chaitanya

AnarchoPrimitiv

Onasi

JcRabbit

ErikG

Dazz023

the54thvoid

Super Intoxicated Moderator

Assimilator

Shou Miko

Kn0xxPT

Chomiq

DeathtoGnomes

katzi

Onasi

efikkan

Daven

System Name	Personal Gaming Rig
Processor	Ryzen 7800X3D
Motherboard	MSI X670E Carbon
Cooling	MO-RA 3 420
Memory	32GB 6000MHz
Video Card(s)	RTX 4090 ICHILL FROSTBITE ULTRA
Storage	4x 2TB Nvme
Display(s)	Samsung G8 OLED
Case	Silverstone FT04

Processor	7950X3D
Motherboard	Gigabyte X670E Aorus Pro X
Cooling	NZXT Kraken ELite 280
Memory	64GB Kingston FURY Beast RGB 6000MT/s C30
Video Card(s)	GeForce RTX™ 4080 16GB AERO OC
Storage	Crucial T700 1TB SSD
Display(s)	Samsung Odyssey G9 Neo
Case	Lian-Li O11D Mini
Audio Device(s)	Mackie CM3 studio monitors
Power Supply	Asus Loki 1kW
Mouse	Razer Deathadder Pro 3
Keyboard	Ducky Zero 6108 (silver switches)
VR HMD	Vive XR Elite
Software	Kubuntu 24.10

System Name	Lightbringer
Processor	Ryzen 7 2700X
Motherboard	Asus ROG Strix X470-F Gaming
Cooling	Enermax Liqmax Iii 360mm AIO
Memory	G.Skill Trident Z RGB 32GB (8GBx4) 3200Mhz CL 14
Video Card(s)	Sapphire RX 5700XT Nitro+
Storage	Hp EX950 2TB NVMe M.2, HP EX950 1TB NVMe M.2, Samsung 860 EVO 2TB
Display(s)	LG 34BK95U-W 34" 5120 x 2160
Case	Lian Li PC-O11 Dynamic (White)
Power Supply	BeQuiet Straight Power 11 850w Gold Rated PSU
Mouse	Glorious Model O (Matte White)
Keyboard	Royal Kludge RK71
Software	Windows 10

System Name	The Workhorse
Processor	AMD Ryzen R9 5900X
Motherboard	Gigabyte Aorus B550 Pro
Cooling	CPU - Noctua NH-D15S Case - 3 Noctua NF-A14 PWM at the bottom, 2 Fractal Design 180mm at the front
Memory	GSkill Trident Z 3200CL14
Video Card(s)	NVidia GTX 1070 MSI QuickSilver
Storage	Adata SX8200Pro
Display(s)	LG 32GK850G
Case	Fractal Design Torrent (Solid)
Audio Device(s)	FiiO E-10K DAC/Amp, Samson Meteorite USB Microphone
Power Supply	Corsair RMx850 (2018)
Mouse	Razer Viper (Original) on a X-Raypad Equate Plus V2
Keyboard	Cooler Master QuickFire Rapid TKL keyboard (Cherry MX Black)
Software	Windows 11 Pro (24H2)

Processor	Intel i9 12900K @5Ghz
Motherboard	Asus ROG Maximus Z690 Extreme
Cooling	ROG Ryujin II
Memory	64GB DDR5 Trident-Z @5600Mhz CL28-34-34-89
Video Card(s)	Asus ROG Strix 4090 OC 24GB
Storage	Intel Optane 905P 960GB, 2 x Samsung 970 EVO 2TB, Firecuda 530 2TB, Samsung 980 PRO 2TB
Display(s)	LG Ultragear 48GQ900-B 48" 4K VRR HDR 140Hz, LG 43" IPS 4K 60Hz secondary
Case	ROG Helios
Audio Device(s)	Sound Blaster X Katana
Power Supply	Asus ROG THOR 1200W
Mouse	Asus Gladius II Origin
Keyboard	Corsair K95

System Name	JustGaming
Processor	Ryzen 9 7950x3D
Motherboard	Asus ProArt X670E-CREATOR WIFI
Cooling	Thermalright Peerless Assassin 140 Black
Memory	G.Skill Trident Z5 DDR5-6000 CL32
Video Card(s)	Inno3D RTX 4090 24Gb
Storage	Crucial T500 2TB x 3
Display(s)	Asus ROG Swift OLED PG32UCDM
Case	Asus ProArt PA602
Audio Device(s)	SSL 2+
Power Supply	SuperFlower 1200 Platinum
Mouse	Razer Deathadder v2
Keyboard	Montech Mkey TKL

System Name	Lynni PS \ Lenowo TwinkPad L14 G2
Processor	AMD Ryzen 7 7700 Raphael (Waiting on 9800X3D) \ i5-1135G7 Tiger Lake-U
Motherboard	ASRock B650M PG Riptide Bios v. 3.10 AMD AGESA 1.2.0.2a \ Lenowo BDPLANAR Bios 1.68
Cooling	Noctua NH-D15 Chromax.Black (Only middle fan) \ Lenowo C-267C-2
Memory	G.Skill Flare X5 2x16GB DDR5 6000MHZ CL36-36-36-96 AMD EXPO \ Willk Elektronik 2x16GB 2666MHZ CL17
Video Card(s)	Sapphire PURE AMD Radeon™ RX 9070 Gaming OC 16GB \| Intel® Iris® Xe Graphics
Storage	Gigabyte M30 1TB\|Sabrent Rocket 2TB\| HDD: 10TB\|1TB \ WD RED SN700 1TB
Display(s)	KTC M27T20S 1440p@165Hz \| LG 48CX OLED 4K HDR \| Innolux 14" 1080p
Case	Asus Prime AP201 White Mesh \| Lenowo L14 G2 chassis
Audio Device(s)	Steelseries Arctis Pro Wireless
Power Supply	Be Quiet! Pure Power 12 M 750W Goldie \| 65W
Mouse	Logitech G305 Lightspeedy Wireless \| Lenowo TouchPad & Logitech G305
Keyboard	Ducky One 3 Daybreak Fullsize \| L14 G2 UK Lumi
Software	Win11 IoT Enterprise 24H2 UK \| Win11 IoT Enterprise LTSC 24H2 UK / Arch (Fan)
Benchmark Scores	3DMARK: https://www.3dmark.com/3dm/89434432? GPU-Z: https://www.techpowerup.com/gpuz/details/v3zbr

Processor	Ryzen 7 5800X3D
Motherboard	Gigabyte X570 Aorus Elite
Cooling	Thermalright Phantom Spirit 120 SE
Memory	2x16 GB Crucial Ballistix 3600 CL16 Rev E @ 3600 CL14
Video Card(s)	RTX3080 Ti FE
Storage	SX8200 Pro 1 TB, Plextor M6Pro 256 GB, WD Blue 2TB
Display(s)	LG 34GN850P-B
Case	SilverStone Primera PM01 RGB
Audio Device(s)	SoundBlaster G6 \| Fidelio X2 \| Sennheiser 6XX
Power Supply	SeaSonic Focus Plus Gold 750W
Mouse	Endgame Gear XM1R
Keyboard	Wooting Two HE

System Name	Dumbass
Processor	AMD Ryzen 7800X3D
Motherboard	ASUS TUF gaming B650
Cooling	Artic Liquid Freezer 2 - 420mm
Memory	G.Skill Sniper 32gb DDR5 6000
Video Card(s)	GreenTeam 4070 ti super 16gb
Storage	Samsung EVO 500gb & 1Tb, 2tb HDD, 500gb WD Black
Display(s)	1x Nixeus NX_EDG27, 2x Dell S2440L (16:9)
Case	Phanteks Enthoo Primo w/8 140mm SP Fans
Audio Device(s)	onboard (realtek?) - SPKRS:Logitech Z623 200w 2.1
Power Supply	Corsair HX1000i
Mouse	Steeseries Esports Wireless
Keyboard	Corsair K100
Software	windows 10 H
Benchmark Scores	https://i.imgur.com/aoz3vWY.jpg?2

Processor	AMD Ryzen 9 5900X \|\|\| Intel Core i7-3930K
Motherboard	ASUS ProArt B550-CREATOR \|\|\| Asus P9X79 WS
Cooling	Noctua NH-U14S \|\|\| Be Quiet Pure Rock
Memory	Crucial 2 x 16 GB 3200 MHz \|\|\| Corsair 8 x 8 GB 1333 MHz
Video Card(s)	MSI GTX 1060 3GB \|\|\| MSI GTX 680 4GB
Storage	Samsung 970 PRO 512 GB + 1 TB \|\|\| Intel 545s 512 GB + 256 GB
Display(s)	Asus ROG Swift PG278QR 27" \|\|\| Eizo EV2416W 24"
Case	Fractal Design Define 7 XL x 2
Audio Device(s)	Cambridge Audio DacMagic Plus
Power Supply	Seasonic Focus PX-850 x 2
Mouse	Razer Abyssus
Keyboard	CM Storm QuickFire XT
Software	Ubuntu