CavyherdIs there a good quick description of exactly what the #CrowdStrike thing is? I've been hearing about it obliquely all day, but have no idea what the deal is beyond "'Puters go pfzzzt!"
Grammargeddon Angel@cavyherd They pushed a bad code update.
Oh dear. That seems like...an obvious thing not to do...?
No wonder the mockery has been on hight today....
Violinknitter@cavyherd And it’s not just that it was a bad code update, it was a bad code update that meant a lot of machines couldn’t even boot up enough to get a fixed update over the internet. So a lot of IT people are spending hours going around to different computers and needing to reboot them in person.
@Violinknitter @cavyherd ON A FRIDAY no less.
Never, ever push code on a Friday.
@GramrgednAngel @Violinknitter
"Ah, it'll be fine. We've got it covered...."
KevinFlynn 
@GramrgednAngel @Violinknitter @cavyherd
Was it code or just a signature update? We had a similar issue from AMP a couple of months ago where it thought part of the OS was a threat, but our default action setting was to isolate, not prevent execution. Nothing crashed, it just got quiet for a few minutes.
Was it code or just a signature update? We had a similar issue from AMP a couple of months ago where it thought part of the OS was a threat, but our default action setting was to isolate, not prevent execution. Nothing crashed, it just got quiet for a few minutes.
@KevinFlynn I don’t know… my tech expertise is on the level of “Google the issue, follow the instructions.” From what I remember of the explanations I’ve read today, you had to reboot the affected computer in a mode that would allow you to delete the problem file, and then the computer could be rebooted normally and would be back up & running. But, like, I play tech support to Boomers, my level is distinctly “competent amateur.”
@KevinFlynn @Violinknitter @cavyherd I saw "code," but this isn't my wheelhouse. My spouse is QA/systems analyst for a large software company, so I know very basic stuff by osmosis.
Whatever they pushed, it broke stuff. Badly.
@KevinFlynn @Violinknitter @cavyherd https://www.cnet.com/tech/services-and-software/microsoft-crowdstrike-outage-causes-chaos-for-flights-hospitals-and-businesses-globally/
Sounds like code update to me. How else does one issue a security update if not with code? (Rhetorical.)
JdeBP@GramrgednAngel @Violinknitter @cavyherd
The #CrowdStrike update was pushed on Thursday, Austin Texas (where the company is located) time.
@GramrgednAngel @JdeBP @Violinknitter
Hm. We had an update go through Thursday morning.
Sounds like Monday could be Interesting.
@GramrgednAngel @JdeBP @Violinknitter
Well, I wonder, though? I didn't have occasion to restart my computer before I left work for the day (and I don't work Fridays), so it seems like next Monday will be the first opportunity for any shenanigans to manifest?
I suppose it's *possible* that my enterprise dodged the bullet, but that seems like a slim bet?
(The good news: I can monitor work comms from my mac, & I didn't see any discussion through the day on Thursday, so maybe we got lucky?)
@cavyherd @GramrgednAngel @Violinknitter
It really all depends from timing.
For example: I've read reports from people who lucked out and missed the update because contrary to the instructions of their IT people they turned off their office PCs on Thursday evening, and by the time they turned them on the next morning, the update had been withdrawn. So their PCs never had the bad "channel file".
(Continued …)
#CrowdStrike #MO821132
@cavyherd @GramrgednAngel @Violinknitter
(… Continued)
But (conversely) if you got the update Thursday evening before you powered off to go home and your work PC has not been booted up since, you may have the other kind of luck. (-:
@JdeBP @GramrgednAngel @Violinknitter
I remember updatingly behavior when I powered off Thursday evening, so I suspect I will turn out to be in the latter group. We Shall See What We Shall See!
Oh jeez. That is...um...spectacular.... 😬
@cavyherd Heard from an internet acquaintance that the IT dept they work in—part of a large university—fixed just over 2000 computers today. They have 150,000 faculty/staff/students. (Not all will be running Windows machines, but still.)
Oh jesus.
I wonder what the state of my work is going to be come Monday....
Is there any hope that machines that weren't turned on yesterday missed the update? (I remember a software update coming through on Thursday morning, which was the last day I worked this week.)
@cavyherd Good question about machines not turned on, and maybe? And your work might not be affected at all if your company doesn’t use CrowdStrike for security on its machines
No clue if they use that or not, but I did see an update go through Thursday morning, which is apparently when the update was sent out? How do you know if your machine has been impacted? (I'm assuming the issue becomes apparent when you try to boot?)
@cavyherd If it was Thursday morning, you’re probably ok. It was later on Thursday/early Friday AM for UTC+ folks that reports started to come in from Australia and Asia
It's not inconceivable that our M-Th work schedule saved us, then. We'll see. I will put on extra Tea & Snax on Monday morning, just in case....
Hdunagan@cavyherd CrowdStrike is an antivirus software that is used in servers AND on individual computer shutting down both. When you think of all your applications or apps running 'in the cloud' all those servers were crashed by the update. Most servers are back now, but individual computers will take awhile to fix.