Here are the details about what went wrong on Friday.
I feel like that’s not even close to what the real number is, considering the impact it had.
If this figure is accurate, the massive impact was likely due to collateral damages. If this took down every server at an enterprise and left most of the workstations online, then that still means that those workstations were basically paperweights.
They have about 24,000 clients so that comes out to around 350 impacted machines per client which is reasonable. It only takes a few impacted machines for thousands of people to be impacted if they are important enough.
My bothers work uses VMs so if the server is down there’s probably 50k computers right there. But it’s only 1 affected computer.
As far as I know, none of the OSes used for virtualization hosts at scale by any of the major cloud infra players are Windows.
Not to mention: any company that uses any AWS or azure or GCP service is “using VMs” in one form or another (yes, I know I am hand waving away the difference between VMs and containers). It’s basically what they build all of their other services on.
No, but HyperV is used extensively in the SMB space.
VMWare is popular for a reason, but its also insanely expensive if you only need an AD server and a file share.
Banks use VMs and banks were down without access to their systems to login into the VM, so they could work. They were bricked by extension.
No, the clients were bricked. The VMs themselves were probably fine - and in fact, probably auto-rollbacked the update to a working savepoint after the update failed (assuming the VM infrastructure was properly set up).
He couldn’t login to the VM to access his work portals or emails, call it what you will, but one bricked computer/server affected thousands.
It’s weird that you’re arguing, but asked how it was possible in the first place. VMs are the answer dude, argue all you want, but it’s making you look foolish for A not understanding, and B arguing against the answer. Also, why this one thread? Multiple other people told you the exact same thing. You just looking for an argument here or something?
I wonder if a large percentage of impact is internal facing systems.
And we won’t know until Monday.
That’s how supply chains work. A link in the chain is broken, the whole thing doesn’t work. Also 10% of major companies being affected, is still giant. But you’re here using online services, probably still buying bread probably got fuel, probably playing video games. It’s huge in the media, and it saw massive affects but there’s heaps of things that just weren’t even touched that information spread on. Like TV news networks seemingly kept going enough to report on it non stop unaffected. Tbh though any good continuity and disaster recovery plan should handle this with impact but continuity.
CrowdStrike lives up to its name
Hey Crowdstrike…
That’s not imposter syndrome you’re feeling right now.
*crowdstrike
It’s not imposter syndrome for me either. At least I didn’t bring down millions of systems all across the world
My bad
Sorry about all those blue screens
How many systems in the world’s military went down, you know in war machines of Russia and Israel and Ukraine?
Those computers don’t have auto update enabled
CrowdStrike’s channel file updates were pushed to computers regardless of any settings meant to prevent such automatic updates, Wardle noted.
I work at an enterprise software company and have some well known, security conscience customer. The above is only true for us humans, if you have the money, you can dictate whatever the fuck you want.
Normally I would agree however this doesn’t appear to be a Microsoft update but a CrowdStrike update. Given that everyone is worried about ransomware etc.
Yknow I almost majored in IT/anything in that realm. Real glad I didn’t right now. And most other times, but especially right now.
If you had majored in IT you would know that this Crowdstrike thing is an easy, though somewhat tedious, fix. There’s honestly far more annoying problems that IT people have to content with.
I’m well aware that it’s not a complicated fix, I’m more than capable of doing it. Being a guy on an understaffed IT team in an office of hundreds right now sounds fucking miserable.
Not really. It’s a ton of overtime, the problem is not my fault, and no one can yell at me for taking too long because there’s no way to get it done faster.
If you want to talk about a giant pain in the ass look at what happens when a malicious virus runs rampant in an office. Then you have to clean each computer individually, sometimes having to wipe and reload whole machines. Which can take fucking hours because you have to update each computer after you do the wipe and reload. Even if you’re working from images there’s going to be at least a half a dozen updates if not more waiting to be redownloaded and reinstalled. And company bosses tend not to think it takes all that long to do that and therefore blame you for the delay in getting everyone up and running. So I’d rather them be mad at somebody else for the extreme downtime, like Crowdstrike.
Like justifying staffing and budgets. Fuck office politics.
