Cybersecurity firm Crowdstrike pushed an update that caused millions of Windows computers to enter recovery mode, triggering the blue screen of death. Learn …

  • danA
    4 months ago

    Are there really a billion systems in the world that run Crowdstrike? That seems implausible. Is it just hyperbole?

      • Joelk111@lemmy.world
        4 months ago

        Yeah, our VMs completely died at work. Had to set up temporary stuff on hardware we had lying around today. Was kinda fun, but stressful haha.

        • danA
          4 months ago

          Could you just revert VMs to a snapshot before the update? Or do you not take periodic snapshots? You could probably also mount the VM’s drive on the host and delete the relevant file that way.

          • Encrypt-Keeper@lemmy.world
            4 months ago

            Yes, you can just go into safe mode on an affected machine and delete the offending file. The problem is it took a couple hours before that resolution was found, and it has to be done by hand on every VM. I can’t just run an Ansible playbook against hundreds of non-booted VMs. Then you have to consider that, in the case of servers, there might be a specific startup order: certain things might have to be started before other things, and further fixing might be required given that every VM hard crashed. At the minimum it took many companies 6-12 hours to get back up and running, and on many more it could take days.

            • danA
              4 months ago

              Makes sense - thanks for the details.

          • Joelk111@lemmy.world
            4 months ago

            Yeah, like the other person said, corporate IT is responsible for that stuff. I guess they’re working through the weekend to try to get it fixed.

    • biggerbogboy@sh.itjust.works
      4 months ago

      I doubt it’s too much of a stretch, since even here in Australia, we’ve had multiple airlines, news stations, banks, supermarkets and many others, including the aluminium extrusion business my father works at, all go down. Scale this to hundreds of countries with populations tenfold of ours, and it puts it into perspective that there may even be more than a billion machines affected.

      • danA
        4 months ago

        I know that Windows is everywhere, I just don’t know the percentage of Windows computers that run Crowdstrike.

        • TheDarksteel94@sopuli.xyz
          4 months ago

          Keep in mind, it’s not just clients, but servers too. A friend of mine works for a decently sized company that has about 1600 (virtual) servers internationally. And yes, all of them were affected.

          • hglman@lemmy.ml
            4 months ago

            You do realize that Linux is something like 80% of servers. Which also well outnumber personal machines. If you include Android, Linux is easily the most used OS on the planet.

    • TexMexBazooka@lemm.ee
      4 months ago

      Sounds pretty plausible to me. An organization doesn’t have to be very big to get into the hundreds or thousands of devices on a network when you account for servers and VMs.

      A company with 40 employees all accessing an RDS server using a company laptop is looking at 85+ devices already.