• DigitalDilemma
    21
    10 months ago

    It seems to be CrowdStrike reacting to the new update.

    We have got ours up by the very manual process of:

    1. Boot into safe mode.

    2. Navigate to C:\windows\system32\drivers\crowdstrike

    3. Delete C-00000291*.sys

    4. Reboot normally

      • DigitalDilemma
        2
        10 months ago

        It has a privileged service running locally - csagent.sys - that was crashing, causing the BSOD.

      • @lmaydev@lemmy.world
        0
        10 months ago

        I guess if the code acted as if it got a valid response without checking it could get into a very weird state. Or the code just fails hard.

        At the driver level it’s very easy to kill things.

  • qprimed
    1
    10 months ago

    so it got backdoored, or QA is trash or both at the same time. hate it when CI builds come so fast you can't verify the latest shipping rootkit