Business Global IT outage live updates: Australian banks, airlines, media outlets taken offline - Bloody Bitch Bastard

There's a global outage of MicroSoft Windows machines currently, amusingly. This website is laid out in a very frustrating way, so I've included the main excerpts here:
https://www.abc.net.au/news/2024-07...-microsoft-banks-airlines-australia/104119960 (archive)

There are reports of IT outages affecting major institutions in Australia and internationally.
The ABC is experiencing a major network outage, along with several other media outlets.
Crowd-sourced website Downdetector is listing outages for Foxtel, National Australia Bank and Bendigo Bank.

Like a number of other organisations, global issues affecting CrowdStrike and Microsoft are disrupting some of our systems.
The issue is causing some holdups for some of our customers and we thank them for their patience.
There is no impact to our fixed or mobile network which continue to operate.
Calls to our Triple Zero contact centres are not affected, but we understand some state emergency services are also impacted and we are working with them to implement backup processes.

CrowdStrike ran a recorded phone message on Friday saying it was aware of reports of crashes on Microsoft's Windows operating system relating to its Falcon sensor.
"Thanks for contacting CrowdStrike support. CrowdStrike is aware of reports of crashes on Windows … related to the Falcon sensor," a prerecorded message played when a Reuters reporter called the company's technical support.

University of Melbourne lecturer in cyber security Shaanan Cohney says there appear to be two separate things happening at once to cause the mass outages we are seeing.
The first issue, he says, appears to have been caused by a piece of software developed by a company called CrowdStrike.
"It's a computer security vendor that provides a monitoring service to large enterprises so they can see on computers within their control if there's any indications of suspicious activity or things that would require a security alert or to lock down the computer," Dr Cohney says.
"Because this software needs to see everything that is going on, it's very tightly integrated into the computer's software, so when you install it, it asks for a lot of permissions so that it can ask for everything going on on the computer.
"However, because it's in such a privileged position, if something goes wrong with it, if there's a programming mistake it has the capability to bring down the entire computer.
"If someone makes the wrong type of mistake it can bring the whole system down.
"As far as we can tell what it looks like happened with this piece of software is the company issued a significant update and something in the update went wrong.
"Engineers at the company and those outside are scrambling to try to pinpoint the source so they can try to pinpoint the problem so that's why companies are telling their employees to shut down their computer in order to prevent them from updating so those employees can maintain some minimal capabilities and have access to documents that are offline."
Reporting by Andi Yu

lcimg-7620c845-53fb-4caa-84ce-f61f76fa0ee6.jpeg
lcimg-5416bf03-1f8b-4709-b65b-ab1615785cba.jpeg
 
Does this mean I won’t have to do anything on the computer at work today?
Some of us are lucky, we get to do all the work we would normally do on the computer offline and then when the system comes back up we get to re-do all of it on the computer. Modern problems require modern solutions!
 
1721389565428.png
Well even if your office is open, the white women running HR wont be able to get anything done without their 2000 calorie coffees!
 
So the fix Crowdstrike support posted in one of the biggest shitstorm reddit threads I've ever seen is to delete a file in C:\windows\system32\drivers\crowdstrike.

No other official comms -- no twitter posts, no website update. They have a tech bulletin out but it's hidden behind a support login.

Except, here's the fun part: Crowdstrike blocks you from accessing that folder in safe mode, safe mode with networking, or safe mode command prompt. So you can't delete that file.

To say nothing about Bitlocker, which complicates all this shit a lot. And if you have Crowdstrike running on machines, you're running bitlocker drive encryption too.

The apparent fix if you can't delete that file is to reimage the machine or reinstall windows.
 
Lol. Lmao even. We've entered the age where existing infrastructure is unknown to the current practitioners and maintainers. In a word, it is archeotech.

This is why I strongly advocate for my customers to host their critical services (OT) on-prem.
 
So the fix Crowdstrike support posted in one of the biggest shitstorm reddit threads I've ever seen is to delete a file in C:\windows\system32\drivers\crowdstrike.

No other official comms -- no twitter posts, no website update. They have a tech bulletin out but it's hidden behind a support login.

Except, here's the fun part: Crowdstrike blocks you from accessing that folder in safe mode, safe mode with networking, or safe mode command prompt. So you can't delete that file.

To say nothing about Bitlocker, which complicates all this shit a lot. And if you have Crowdstrike running on machines, you're running bitlocker drive encryption too.

The apparent fix if you can't delete that file is to reimage the machine or reinstall windows.
Here's another potential workaround:
From safe mode, fire up regedit and change:
Kod:
HKLM:\SYSTEM\CurrentControlSet\Services\CSAgent\Start
from a 1 to a 4
 
Wife just reported in from work (small local bank).

Yes, its bad bad.

They have a tiny IT team and will probably just have to close for the day, theres an all hands conference call to discuss in 20 minutes and her team is just sitting around eating breakfast.
 
So the fix Crowdstrike support posted in one of the biggest shitstorm reddit threads I've ever seen is to delete a file in C:\windows\system32\drivers\crowdstrike.

No other official comms -- no twitter posts, no website update. They have a tech bulletin out but it's hidden behind a support login.

Except, here's the fun part: Crowdstrike blocks you from accessing that folder in safe mode, safe mode with networking, or safe mode command prompt. So you can't delete that file.

To say nothing about Bitlocker, which complicates all this shit a lot. And if you have Crowdstrike running on machines, you're running bitlocker drive encryption too.

The apparent fix if you can't delete that file is to reimage the machine or reinstall windows.
Outsmart Cloudstrike and just delete the entire system32 folder.
 
I sat back and laughed whilst i wasn't able to do anything at work, and then laughed even harder when only one supermarket wasn't affected and i was still able to do my grocery shop.

Get fucked microshit, also who uses the ABC as a news source?
 
Speaking of, has anyone checked in on Bossman Jack and whatever online casino he is using this week?
I can report this week's choice of offshore crypto casino is operating normally and BossmanJack is 100% not affected by this unless it compromises the supply of chicken biscuits.

This may actually be a godsend for him if it delays the piss test he will inevitably fail.
 
Nigger CEO hoping people are unable to parse IT speak. A fucky wucky in the shit you push is a security issue; I don't care how you want to try and dance around the issue, if you push shit into production and you take out this much infrastructure, you have a fucking problem.
The people who are responsible for requiring these programs and who these messages are targeted towards have a definition of "security" which can be achieved by unplugging the computer it's running on.
 
It sounds like they compiled a new build and pressed the "push to consumers" button instead of the "push to test suite" button.

It also looks like, in addition, tons of their customers had no staging area at all to run in-house tests on automatic updates, and instead let Crowdstrike push updated directly to production. I don't know of a single system or application we have where we let the vendor push updates directly to it. Everything gets tested. There are massive fuck-ups on both sides here.
 
1721390864064.png

It also looks like, in addition, tons of their customers had no staging area at all to run in-house tests on automatic updates, and instead let Crowdstrike push updated directly to production. I don't know of a single system or application we have where we let the vendor push updates directly to it. Everything gets tested. There are massive fuck-ups on both sides here.

When I worked in enterprise IT over a decade ago, this would have gotten me fired even if it didnt break anything. We had a standard of testing even the smallest updates for weeks before pushing them out because any loss of the system would burn the entire company down.
 
...And I can expect this to happen here in the US eventually. Won't be surprised if they try doing this for "Ze Great Reset".

Welp, learn to divest funds as well as having your money, at least some of it, offline for shit like this.
 
...And I can expect this to happen here in the US eventually. Won't be surprised if they try doing this for "Ze Great Reset".

Welp, learn to divest funds as well as having your money, at least some of it, offline for shit like this.

This is happening in the US, its affecting a billion computers worldwide. Fucking Indias airports are handwriting boarding passes.

1721391077314.png
 
Wstecz
Top Na dole