• Midnitte@beehaw.org
    link
    fedilink
    English
    arrow-up
    24
    arrow-down
    1
    ·
    edit-2
    4 months ago

    Actually it’s due to whether your company uses CrowdStrike or not.

    The issue is not being caused by Microsoft but by third-party CrowdStrike software that’s widely used by many businesses worldwide for managing the security of Windows PCs and servers.

    Supposedly, one of the fixes (aside from rebooting and hoping it grabs the update fire) is to delete a single file in the CrowdStrike directory after booting into safe mode.

    • nutlink@beehaw.org
      link
      fedilink
      English
      arrow-up
      6
      ·
      4 months ago

      I just spent the morning doing this with my help desk team, although we just do it via command prompt at the recovery screen. We’ve had a 100% success rate so far at 93 devices and counting. I’m glad our organization practices read only Friday, at least.

      • EtzBetz@feddit.de
        link
        fedilink
        arrow-up
        3
        ·
        4 months ago

        Tbh, I would then also not update anything on Thursdays (which does maybe do overnight procedures) since it may be breaking over night then, leaving you just little time to fix before the weekend :D

        This kinda can be extended up until Monday, I know, but, at least in Germany, on Fridays people go home way sooner than other days.

    • Saik0A
      link
      fedilink
      English
      arrow-up
      2
      ·
      4 months ago

      Yes, but Azure platform itself was using it. So many of those systems were down overnight (and there’s probably still stragglers). The guy you responded to specifically called out Azure-based services.

      • Midnitte@beehaw.org
        link
        fedilink
        English
        arrow-up
        4
        ·
        edit-2
        4 months ago

        Sure, but the OP of the thread didn’t.

        Most of our machines at my office run Win 10 or 11 and we haven’t had the blue screen. I was wondering why we hadn’t experienced this. Still don’t know.

        So it isn’t whether you’re using Azure, it’s whether you’re using CrowdStrike (Azure related or not)

        • Saik0A
          link
          fedilink
          English
          arrow-up
          2
          ·
          4 months ago

          So it isn’t whether you’re using Azure, it’s whether you’re using CrowdStrike (Azure related or not)

          No. Azure platform is using Crowdstrike on their hypervisors. So simply using Azure could be sufficient to hurt you in this case even if your Azure host isn’t using Crowdstrike itself. But yes, otherwise it’s a mix of Windows+Crowdstrike.

          • Kissaki@beehaw.org
            link
            fedilink
            English
            arrow-up
            4
            arrow-down
            1
            ·
            edit-2
            4 months ago

            Can you source your claim, that Azure hypervisor uses CrowdStrike? Because a Microsoft spokesperson told Ars that that issue was unrelated to the CrowdStrike update.

            […] cited as “a backend cluster management workflow [that] deployed a configuration change causing backend access to be blocked between a subset of Azure Storage clusters and compute resources in the Central US region.”

            A spokesperson for Microsoft told Ars in a statement Friday that the CrowdStrike update was not related to its July 18 Azure outage. “That issue has fully recovered,” the statement read.

      • Kissaki@beehaw.org
        link
        fedilink
        English
        arrow-up
        3
        arrow-down
        1
        ·
        edit-2
        4 months ago

        Microsoft services were, in a seemingly terrible coincidence, also down overnight Thursday into Friday. […]

        A spokesperson for Microsoft told Ars in a statement Friday that the CrowdStrike update was not related to its July 18 Azure outage. “That issue has fully recovered,” the statement read.

        from https://arstechnica.com/information-technology/2024/07/major-outages-at-crowdstrike-microsoft-leave-the-world-with-bsods-and-confusion/

        They were not “using it”. And there’s no “stragglers still”.