
Global IT outage caused by Cloudstrike

Posted: 2024-07-19 05:18am
by bilateralrope
Global IT outage: What caused the CrowdStrike incident?
David Swan
July 19, 2024, • 08:14pm


A software outage on Friday afternoon crippled the airlines, banks and supermarkets in Australia, leaving flights grounded and newsreaders scrambling to fill air time.

The outage appears global in nature, impacting millions of systems in Australia and across the globe, and seems related to US cybersecurity provider CrowdStrike, and its software called the Falcon Sensor.

What is CrowdStrike Falcon?

CrowdStrike is one of the world’s largest cybersecurity vendors, providing thousands of businesses across the world with software to defend against viruses and cyberattacks.

The company is headquartered in Austin, Texas and has nearly 10,000 employees.

CrowdStrike Falcon is the company’s software that sits in the background on many corporate systems, detecting any viruses and cyber threats.

How did the outage happen?

The outage caused Microsoft laptops and PCs to show a ‘blue screen of death’, meaning workers and users were unable to access their systems.

The outage seemed to begin at around 2pm on Friday NZT, and affected users in the US before hitting Australia and New Zealand.

“We’re aware of a widespread issue causing BSOD errors on Windows machines across various sensor versions,” a CrowdStrike representative said in a forum post.

Why was Microsoft affected so much?

While Microsoft was not the source of the attack, CrowdStrike’s Falcon software is used on Microsoft Windows systems, rather than Apple Macs for example.

Microsoft said in a statement on X that it was investigating the incident.

What has the Australian government said?

The Australian government said there is no evidence to suggest the mass outage is a hack or cybersecurity incident.

“I am aware of a large-scale technical outage affecting a number of companies and services across Australia this afternoon,” National Cyber Security Coordinator Michelle McGuinness said in a statement on X.

“Our current information is this outage relates to a technical issue with a third-party software platform employed by affected companies.

“There is no information to suggest it is a cyber security incident. We continue to engage across key stakeholders.”

How often has this happened before?

Outages are relatively common these days, with telcos, banks and supermarkets often suffering technical glitches that typically last a few hours.

Such an outage may have never been seen on this scale, however, highlighting how reliant our modern economy is on technology, and increasingly how interconnected it is.

Is there a fix?

CrowdStrike has issued advice about a temporary workaround.

Here’s what the tech company says you should do:

- Boot Windows into Safe Mode or the Windows Recovery Environment (you can do that by holding down the F8 key before the Windows logo flashes on screen)
- Navigate to the C:\Windows\System32\drivers\Crowdstrike directory
- Locate the file matching “C-00000291*.sys”, right click and rename it to “C-00000291*.renamed”
- Boot the host normally.


- Sydney Morning Herald
We probably won't know the full scale of this mess until more countries wake up and see how many of their computers have been hit.

Then comes the fun of figuring out how this happened. How an update this broken slipped past CrowdStrike's testing.
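
The rename workaround quoted in the post above, written as a PowerShell function that can be run from Safe Mode. This is an added example, not CrowdStrike's or any poster's own script; the function name `Rename-ChannelFile291` and the `-WindowsRoot` parameter are assumptions made here.

```powershell
# Added example: applies the quoted rename workaround to one Windows installation.
# Rename-ChannelFile291 and -WindowsRoot are hypothetical names for this example.
function Rename-ChannelFile291 {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        # Windows directory of the affected installation. The OS volume is not
        # always mounted as C: when working offline, so it is a parameter.
        [string]$WindowsRoot = 'C:\Windows'
    )

    $dir = Join-Path $WindowsRoot 'System32\drivers\Crowdstrike'
    if (-not (Test-Path -LiteralPath $dir -PathType Container)) {
        Write-Warning "No Crowdstrike driver directory under $WindowsRoot; nothing to do."
        return
    }

    # Pattern from the quoted workaround: C-00000291*.sys
    $files = @(Get-ChildItem -LiteralPath $dir -Filter 'C-00000291*.sys' -File)
    if ($files.Count -eq 0) {
        Write-Warning "No file matching C-00000291*.sys in $dir."
        return
    }

    foreach ($f in $files) {
        $newName = [System.IO.Path]::ChangeExtension($f.Name, '.renamed')
        if (Test-Path -LiteralPath (Join-Path $dir $newName)) {
            # An earlier attempt already left a file with this name; do not overwrite it.
            Write-Warning "$newName already exists, skipping $($f.Name)."
            continue
        }
        if ($PSCmdlet.ShouldProcess($f.FullName, "Rename to $newName")) {
            Rename-Item -LiteralPath $f.FullName -NewName $newName
            # One record per renamed file, for the incident log.
            [pscustomobject]@{
                Computer = $env:COMPUTERNAME
                Old      = $f.Name
                New      = $newName
                Size     = $f.Length
                Written  = $f.LastWriteTimeUtc
            }
        }
    }
}

# Dry run first, then apply.
Rename-ChannelFile291 -WhatIf
Rename-ChannelFile291
```

On BitLocker-protected machines the volume has to be unlocked with its recovery key before this directory is reachable, which is the manual step a later post in this thread describes.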

Re: Global IT outage caused by Cloudstrike

Posted: 2024-07-19 03:48pm
by Mr Bean
Hey guess who this was his entire day? :banghead:
My day started at 2am when the Great Crowd strike of 2024 began and it just ended a little bit ago 14 hours later. So many computers affected by this bug. And best still since it's Crowdstrike it crashes the system before our remote tools load so I spent all day going from station to station manually deleting the bad files and restarting machines.

Re: Global IT outage caused by Cloudstrike

Posted: 2024-07-19 08:54pm
by EnterpriseSovereign
I was fortunate that my system has no directory named "Crowdstrike", though I've a feeling they're going to lose a crapton of customers as a result of this particular fuckup.

Re: Global IT outage caused by Cloudstrike

Posted: 2024-07-20 12:20am
by AniThyng
https://www.crowdstrike.com/blog/statem ... ows-hosts/

Next to see how this mind boggling QA fail occurred.

Re: Global IT outage caused by Cloudstrike

Posted: 2024-07-20 01:30am
by bilateralrope
Here's a fun little detail:
Too funny: In 2010 McAfee caused a global IT meltdown due to a faulty update. CTO at this time was George Kurtz. Now he is CEO of #crowdstrike

https://www.zdnet.com/article/defective ... of-xp-pcs/
Are you guessing accident, negligence or sabotage?

Mr Bean wrote: 2024-07-19 03:48pm Hey guess who this was his entire day? :banghead:
My day started at 2am when the Great Crowd strike of 2024 began and it just ended a little bit ago 14 hours later. So many computers affected by this bug. And best still since it's Crowdstrike it crashes the system before our remote tools load so I spent all day going from station to station manually deleting the bad files and restarting machines.
The IT department where I work were there until midnight Friday fixing things. Just the things that needed to be fixed urgently. When they left, most of the security camera computers were still down with a promise to fix them sometime today.

Re: Global IT outage caused by Cloudstrike

Posted: 2024-07-20 09:29am
by Eternal_Freedom
Ironically, the only people seriously affected in my organisation were the IT Helpdesk. They didn't have working phones, or live chat, or even email. So they're all losing their shit thinking how crippling this must be to the entire court service...and we barely even noticed, apart from a few transient VPN glitches.

Re: Global IT outage caused by Cloudstrike

Posted: 2024-07-20 05:28pm
by Mr Bean
Eternal_Freedom wrote: 2024-07-20 09:29am Ironically, the only people seriously affected in my organisation were the IT Helpdesk. They didn't have working phones, or live chat, or even email. So they're all losing their shit thinking how crippling this must be to the entire court service...and we barely even noticed, apart from a few transient VPN glitches.
Our after action report is still being written but best guess is roughly 40% of all users were down for this and about 85% ish of all critical systems were down. The rule of thumb was if it was turned on during the evening updates it was down. So people whose laptops were off or in sleep mode during Thursday night/Friday morning escaped things just fine. But all the big important things like servers which run 24/7 got killed by Crowdstrike. My best guess is I manually myself restored about 4-5 servers and 60 users back into operation during the 10 hours I was onsite. And because of BitLocker we could not automate anything. Every single machine it was restart to safe mode, oops time for BitLocker keys, log in with the stupid random admin password, okay time to go to system32/drivers/crowdstrike/, murder file 291, restart and it worked fine. Thankfully for a lot of users since I had been on their machines before I could log in with my admin profile and skip the BitLocker step. But we had to pull in everyone who had admin credentials, be they with networking or with systems, show them how to fix the thing then let them loose as we had over 400 machines affected.

Re: Global IT outage caused by Cloudstrike

Posted: 2024-07-20 09:07pm
by Solauren
From Wikipedia;
This was caused by a faulty driver Channel File 291, installed in the Windows kernel that contained only null bytes. In a postmortem analysis by CrowdStrike it was determined that the null bytes did not cause machines to crash, but a different logic error related to the file.

Yeah, I can see that. If you don't account for null values, they can wreak havoc.

I've had to explain the difference between '0', Blank, Null (and Black = False on yn Fields in databases) on multiple occasions to people.

Re: Global IT outage caused by Cloudstrike

Posted: 2024-07-25 08:05am
by bilateralrope
CrowdStrike offers $10 Uber Eats gift card to partners as apology for global IT outage
That'll make it right

July 24, 2024 By Sebastian Moss


CrowdStrike has offered some partners a $10 Uber Eats gift card as an apology for pushing out an update that brought down millions of Windows systems.

The update caused a blue screen of death, and led to flights being delayed, hospital appointments being canceled, and retailers losing out on sales around the world.

“And for that, we send our heartfelt thanks and apologies for the inconvenience,” an email to partners first reported by TechCrunch states. “To express our gratitude, your next cup of coffee or late-night snack is on us!”

When TechCrunch checked the voucher, the Uber Eats page provided an error message that said the gift card “has been canceled by the issuing party and is no longer valid.”

The update is believed to have impacted around 8.5 million Windows-based systems, and is expected to lead to billions of dollars in insurance claims over the coming weeks and months.

It is not clear if CrowdStrike plans to make any restitution to its customers.
That's an impressive fuckup of an apology.

Re: Global IT outage caused by Cloudstrike

Posted: 2024-07-25 01:36pm
by Solauren
I'd be looking to move to a new platform if I was a CrowdStrike customer.

Re: Global IT outage caused by Cloudstrike

Posted: 2024-07-26 06:40am
by His Divine Shadow
Well better luck next time, we almost got it.