News Global IT issue strikes Windows machines, cause of issue allegedly linked to CrowdStrike software update

[palladin9479]

Thankfully we don't use this in our environment. I woke up to my teams chat going crazy this morning and had to remind everyone we are good.

We don't have this either, for the reason painted in glowing neon letters.

This is why you do not trust "cloud" services for critical system capabilities. One button push by someone you don't even know can take down your entire enterprise. Just imagine giving someone an internet "off" button and then watching as hackers everywhere attempt to take control of it.

 

[jeremyj_83]

Since this affected almost every machine it is almost like they didn't even test this.

There is also the possibility that it was a disgruntled employee since this was so bad and seems like it wasn't tested.

 

[TJ Hooker]

We don't have this either, for the reason painted in glowing neon letters.

This is why you do not trust "cloud" services for critical system capabilities. One button push by someone you don't even know can take down your entire enterprise. Just imagine giving someone an internet "off" button and then watching as hackers everywhere attempt to take control of it.

Is the cloud aspect even relevant here? This isn't a case of clients being unable to access some needed resource because it's in the cloud and that cloud is down. It was an update to a locally installed application, causing the local machines to crash.

 

[bill001g]

Is the cloud aspect even relevant here? This isn't a case of clients being unable to access some needed resource because it's in the cloud and that cloud is down. It was an update to a locally installed application, causing the local machines to crash.

Yup the news media isn't smart enough to understand how bad this is. They only see the airplanes that are not flying.

Many companies have this software loaded on all their work from home clients. In many cases the actual user has no admin access and in addition many of these machine have bitlocker on them and all the keys are at the main office. They have to ship the laptop in many cases.......and it seems UPS is also affected

 

[RyzenNoob]

At least they didn't blame it on China and Russia hackers and all the other so called baddies. After all, who needs them when the world can be crippled by automatic updates that haven't been tested

 

[Colif]

This is a wake up call.

Why are so many companies all using same software? I see one Airline in US didn't use it and still runs fine. Rest need to diversify


One untested update brings down entire system... if you going to rely on one bit of software it has to be bullet proof. Not haphazardly released like this.

Anything being done about 2038? Or we all just ignoring it?

 

[USAFRet]

Anything being done about 2038? Or we all just ignoring it?

Just like Y2K, it will be mostly fixed by Nov 2037.

 

[bit_user]

Anything being done about 2038? Or we all just ignoring it?

I think all Linux APIs, filesystems, etc. have been updated for quite some time. The main risk is probably with how many legacy systems there are, still running old software.

 

[rgd1101]

cyber insurance required some form of it. and crowdstrike is(was) the top dog.
it is like the old saying. can't go wrong with IBM(when they were still matter)

yeah, we have some rpg program that have 2038 issue. haven't done anything.

 

[mhmarefat]

I am not a security expert, but is it time for Microsoft to be allowed to harden the kernel? There is no way any external program should be able to crash the machine. I know many of the security companies insist on hooks into core system components and antitrust rules obliged MS to comply/provide... but is it time to revisit?
It wont protect us from MS messing up... but would be overall "better"?

From Win 8 upwards, the philosophy of Microsoft has been that WE own your PC. Right now if you decide to install another OS on your PC, Microsoft's SecureBoot will NOT ALLOW THE OTHER OS TO BOOT.

 

[USAFRet]

From Win 8 upwards, the philosophy of Microsoft has been that WE own your PC. Right now if you decide to install another OS on your PC, Microsoft's SecureBoot will NOT ALLOW THE OTHER OS TO BOOT.

Contrast that statement with the thousands of dualboot systems around the world.

You just need to disable Secure Boot.

Here is Win 11 + Linux:

https://www.onlogic.com/blog/how-to-dual-boot-windows-11-and-linux/

 

[mhmarefat]

you can't know which individuals were responsible or what factors fed into this decisions behind this problem.

Who was it? Who did it? Please someone!! Because we sure as hell know it had nothing to do with CrowdStrike or Microsoft! No! These two are completely clean.

 

[mhmarefat]

You just need to disable Secure Boot.

Why is a technology implemented on HARDWARE level that prevents me from installing other OS than Microsoft's?!

Also, average user does not know how to even enter BIOS let alone disable SecureBoot (if they have even heard that name once in their life)!! They will just remove Linux and proceed to Windows, thinking they "lack" knowledge to install/use Linux and move on. Not knowing MS has INVADED their PC on hardware level!

 

[TJ Hooker]

From Win 8 upwards, the philosophy of Microsoft has been that WE own your PC. Right now if you decide to install another OS on your PC, Microsoft's SecureBoot will NOT ALLOW THE OTHER OS TO BOOT.

You can boot most popular Linux distros (e.g. Ubuntu) with secureboot enabled without issue. For any other OS you can just manually add the boot loader in question to the allowed list via your UEFI secureboot settings. I've ran non-Windows OSs with secureboot enabled for years.

Edit: This is with a home-built system. Maybe OEM machines have their secureboot settings locked down harder such that they refuse to boot anything other than Windows, I don't know.

 

[USAFRet]

Why is a technology implemented on HARDWARE level that prevents me from installing other OS than Microsoft's?!

Also, average user does not know how to even enter BIOS let alone disable SecureBoot (if they have even heard that name once in their life)!! They will just remove Linux and proceed to Windows, thinking they "lack" knowledge to install/use Linux and move on. Not knowing MS has INVADED their PC on hardware level!

An "average user" does not set up a dual boot system.
They start with, and stay with, whatever OS the system came with when they took it out of the box.

 

[mhmarefat]

you can just manually add the boot loader in question to the allowed list

Allowed by who!? My masters at Microsoft? I thought I owned my PC?
Wow! White washing predatory corporate tactics in Tom's Hardware!

 

[USAFRet]

Allowed by who!? My masters at Microsoft? I thought I owned my PC?
Wow! White washing predatory corporate tactics in Tom's Hardware!

"allowed".
As in...These are the things I am allowing my system to boot from.

 

[jordanbuilds1]

so wait, ms uses crowd strike for all their comercial programs?

 

[TJ Hooker]

Allowed by who!? My masters at Microsoft? I thought I owned my PC?
Wow! White washing predatory corporate tactics in Tom's Hardware!

As I said, you can whitelist whatever OS you want (with the most popular ones being whitelisted by default). In other words, it's controlled by you. Having every possible OS whitelisted by default would defeat the purpose of secure boot. In which case, as USAFRet said, you can simply disable it if that's what you want. And the odds that some is both technically savvy enough to be installing an OS other than Windows or Ubuntu/Debian-based Linux (which work out-of-the-box with secureboot enabled, in my experience), but not savvy enough to disable a single setting in their UEFI, is practically zero.

 

[Colif]

Secure boot is bios level, Microsoft doesn't write the bios.

windows 11 might require PC to be able to run secure boot but it doesn't have to be on. I haven't turned it on, on this pc, and have used win 11 for 4 years now.

Ita another beat up windows thread, but really its not on them.

 

[USAFRet]

I'm pretty sure some commercial Linux distros even have signed boot images, compatible with Secure Boot.

Almost certainly, yes.

My statement was just in contrast to the blanket "You can't do it because of the evul Microsoft!!!"

 

[jeremyj_83]

Almost certainly, yes.

My statement was just in contrast to the blanket "You can't do it because of the evul Microsoft!!!"

I know for a fact that Linux has secure boot compatibility. At work we use SUSE and that has had secure boot since 12 (which Service Pack I'm not sure) but 12 came out in 2014.

 

[slightnitpick]

The old expression: Too many eggs in one basket... springs to mind.

Whilst it may be cheaper and efficient to use cloud services to replace on site infrastructure, there are some serious negatives too.

The best and most appropriate solution is to look for other vendors who provide an equivalent service. Vote with your $$$.

This is a wake up call.

Why are so many companies all using same software? I see one Airline in US didn't use it and still runs fine. Rest need to diversify

Given this, the recent car dealership issue, and the various just-in-time supply chain failures, we need new antitrust laws that make resilience and national security an antitrust issue.

Even at the monopoly level things could be done such as having multiple teams creating multiple variations of the software so that no one error or exploit could take them all down.

 

[bit_user]

Given this, the recent car dealership issue, and the various just-in-time supply chain failures, we need new antitrust laws that make resilience and national security an antitrust issue.

Even at the monopoly level things could be done such as having multiple teams creating multiple variations of the software so that no one error or exploit could take them all down.

Or more open source solutions. I know it's not a panacea, but opening up the software means more people can do audits on it to find bugs and other problems. I'm not saying this would be manual - a lot of what people currently do is in the form of automated static and dynamic analysis.

Another option might be to have some sort of regulation or certification. Obviously, you couldn't certify individual releases of a security software package that needs to roll out promptly enough to deal with zero day attacks, but you could certify the development & testing process.

 

[bignastyid]

@mhmarefat If you are having issue with your dual boot please create your own thread for assistance instead of taking this discussion off topic.