Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

How did a CrowdStrike config file crash millions of Windows computers? We take a closer look at the code
The Register ^ | 23 July 2024 | Thomas Claburn

Posted on 07/24/2024 10:48:47 AM PDT by ShadowAce

click here to read article


Navigation: use the links below to view more comments.
first previous 1-2021-33 last
To: null and void
Never be the first to download an OS, or any update, or new whiz bang software.

I've been retired from Windows related IT stuff for over a decade. Back then on very rare occasions I had to cross my fingers doing updates for zero day exploits. Around the time I retired there was a big push to automate updates at big institutions. It works great until it doesn't

21 posted on 07/24/2024 12:22:20 PM PDT by EVO X ( )
[ Post Reply | Private Reply | To 9 | View Replies]

To: mmichaels1970

More fun if LAPS is installed.

Local Administrator Password Solution


22 posted on 07/24/2024 1:06:26 PM PDT by wally_bert (I cannot be sure for certain, but in my personal opinion I am certain that I am not sure..)
[ Post Reply | Private Reply | To 15 | View Replies]

To: wally_bert
More fun if LAPS is installed.

Oof. I've never seen or used that. So that means that it is possible that NOBODY KNOWS the local admin password unless you log into AD with enough access to see it? And that's likely some massive randomly generated password that's just a long string of random characters/numbers?
23 posted on 07/24/2024 1:14:17 PM PDT by mmichaels1970
[ Post Reply | Private Reply | To 22 | View Replies]

To: ShadowAce

Society keeps being told how wonderful is the very latest computer technology, while the world-spanning size of crashes and hacks keeps getting larger and larger, not to mention the human data and financial theft and scams keeps growing as well, far beyond the scale of snail-mail theft and scams of the past.


24 posted on 07/24/2024 1:16:46 PM PDT by Wuli
[ Post Reply | Private Reply | To 1 | View Replies]

To: mmichaels1970

That’s sort of how it works.

Local admin passwords sadly a thing of the past.

I could give a field person that if absolutely necessary which happened a few times.

Safe mode was needed to get rid of a corrupt DLL. Other times local administration was needed was with HP printers mostly field types would buy because they were so cheap.

With LAPS and trying to get a non technical person to function, migraine fuel.


25 posted on 07/24/2024 1:18:46 PM PDT by wally_bert (I cannot be sure for certain, but in my personal opinion I am certain that I am not sure..)
[ Post Reply | Private Reply | To 23 | View Replies]

To: T.B. Yoits

Testing updates is racist.


26 posted on 07/24/2024 1:31:40 PM PDT by xoxox
[ Post Reply | Private Reply | To 8 | View Replies]

To: ShadowAce; dayglored

Thanks, could one use a Linux live USB to delete C:\Windows\System32\drivers\CrowdStrike\ on a Win machine?


27 posted on 07/24/2024 1:35:46 PM PDT by daniel1212 (Turn 2 the Lord Jesus who saves damned+destitute sinners on His acct, believe, b baptized+follow HIM)
[ Post Reply | Private Reply | To 2 | View Replies]

To: daniel1212; ShadowAce
> could one use a Linux live USB to delete C:\Windows\System32\drivers\CrowdStrike\ on a Win machine?

If the Windows disk is not encrypted, maybe so. The live Linux distro on the USB stick would need the latest NTFS write-enabled driver.

If the Windows disk is encrypted (e.g. BitLocker) you're almost certainly S-O-L.

28 posted on 07/24/2024 1:39:50 PM PDT by dayglored (“Courtesy is owed. Respect is earned. Love is given.” - Kinky Friedman 1944-2024)
[ Post Reply | Private Reply | To 27 | View Replies]

To: ShadowAce

I suspect that secret pre-release testing showed that the release would function
exactly as planned, with exactly the effect that resulted.

Because it came from “Cloudstrike”, and with such timing.


29 posted on 07/24/2024 1:45:14 PM PDT by EasySt (Say not this is the truth, but so it seems to me to be, as I see this thing I think I see. #MAGA-A)
[ Post Reply | Private Reply | To 1 | View Replies]

To: ShadowAce
He explained, "One of the techniques employed by Google, which we used when I was there, is to do what's called Canary releases – gradual or slow rollouts – and observe what's occurring rather than crashing what Microsoft estimated were 8.5 million machines."

In other words... test in a closed environment. DEI strikes again.

30 posted on 07/24/2024 1:46:12 PM PDT by CodeJockey (I'd like to change the world, but they won't give me the source code.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Gene Eric

Tux... :)


31 posted on 07/24/2024 2:24:26 PM PDT by Openurmind (The ultimate test of a moral society is the kind of world it leaves to its children. ~ D. Bonhoeffer)
[ Post Reply | Private Reply | To 3 | View Replies]

To: daniel1212

If it gives you admin access to the system files you should be able to.


32 posted on 07/24/2024 2:41:10 PM PDT by Openurmind (The ultimate test of a moral society is the kind of world it leaves to its children. ~ D. Bonhoeffer)
[ Post Reply | Private Reply | To 27 | View Replies]

To: ShadowAce

Somebody @ Crowdstrike is soooooo fired.


33 posted on 07/26/2024 12:50:15 PM PDT by martin_fierro (< |:)~)
[ Post Reply | Private Reply | To 1 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-2021-33 last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson