Your Southwest flight arrived on time.

TropicalDingdong , 6 hours ago

Does any one here, working in IT, have a sense for how “on-going” this issue is expected to be? Is this something that is largely going to be resolved in a day or two, or is this going to take weeks/ months?

Entropywins , 5 hours ago

It will take however long it takes to implement the fix in person or implement a disaster recovery plan. Couple hours, days maybe weeks depending on the size of organization. Thankfully my work doesn’t use crowdstrike but the main fix I’ve heard requires in person boot in safe mode, delete file and reboot to every effected machine, not difficult just time consuming if you have thousands of endpoints that need to be fixed.

db2 , 5 hours ago

It’s entirely dependent on the organization. The actual time it takes to deploy the fix is the same amount it takes to open 4 nested directories and delete one file and reboot, but things like bitlocker and other annoying system policies can get in the way dragging a 5 minute solution out to a multi-day debacle.

MNByChoice , 5 hours ago

My guess as a Linux admin in IT.

I understand the fix takes ~5 minutes per system, must be done in person, and cannot be farmed out to users.

There are likely conversations about alternatives or mitigations to/for crowdstrike.

Most things were likely fixed yesterday. (Depending on staffing levels.) Complications could go on for a week. Fallout of various sorts for a month.

Lawsuits, disaster planning, cyberattacks (targeting crowdstrike companies and those that hastily stopped using it) will go on for months and years.

The next crowdstrike mistake could happen at any time…

qjkxbmwvz , 5 hours ago

The next crowdstrike mistake could happen at any time…

Sounds like the tagline to an action movie.

MNByChoice , 5 hours ago

I would watch it.

dumbass , 3 hours ago

You’ll be living it soon.

Agent641 , 3 hours ago

When will crowd strike next?

Ok_imagination , 5 hours ago

Fully agree as a security engineer with a mostly Microsoft shop. We have some pending laptop fixes, but I think we’ve talked our cio out of hastily pulling out of CrowdStrike. Really, it didn’t hit us hard. Maybe down for 2-3 hours around 4 am Friday morning. Microsoft gives us many more issues more frequently and we don’t have constant talk of pulling it out…

boredsquirrel , 4 hours ago

Microsoft gives us many more issues more frequently and we don’t have constant talk of pulling it out…

Maybe you should ;)

As a Linux user I deal with Windows issues way too often administering other laptops.

Ok_imagination , 2 hours ago

God, I wish!

rockSlayer , 5 hours ago

The issue was a very simple programming mistake, which is why it was simple to get a patch out quickly. The reason it caused chaos is due to the fact that the software operates at an extremely high level of privilege, enough where even something small can disrupt the entire operating system

Estebiu , 5 hours ago

My guess as an on-field technician is that this is going to take at least a week to resolve. As you probably know, it’s an easy fix; the difficult part is going to every single store to actually do the procedure. Today I worked on 30-35 PCs, and most of my time was spent going from location to location. There’s the tour de France so it’s very time consuming. Anyway, yeah, at least a week.

TexasDrunk , 4 hours ago

MSPs are about to get a shit load of work for the next week just to get more boots on the ground.

taiyang , 5 hours ago

My dad was able to get his computers in city hall working by just deleting a file, but it is indeed a process. 6 steps, although the specifics elude me. You do have to do it in person though, requires repair mode or whatever.

Funny thing though, they just got a new tech lead that very same day, his first day was this fiasco. Imagine that luck!

adhdplantdev , 4 hours ago

It’s going to be a grind. This is causing blue screen of death on Windows machines which can only be rectified if you have physical/console access.

In the cloud space if this is happening to you I think you’re screwed. I mean theoretically there’s a way to do it by installing Windows unmounting the disc from the virtual machine to another working virtual machine but it’s a freaking bear.

Basically everyone’s going to have to grind this whole thing out to fix this problem. There’s not going to be an easy way to use automation unless they have a way to destroy and recreate all their computers.

I live in linuxland and it’s been really fun watching this from the side. I really feel for this admins having to deal with this right now because it’s going to just suck.

Morphit , 3 hours ago

I’d have thought the cloud side would be pretty easy to script over. Presumably the images aren’t encrypted from the host filesystem so just ensure each VM is off, mount its image, delete the offending files, unmount the image and start the VM back up. Check it works for a few test machines then let it rip on the whole fleet.

adhdplantdev , 2 hours ago

Oh my friend. You think these companies do things in a logical scalable way? I have some really bad news…

Theoretically that could work but sometimes security measures require computers be BitLocker encrypted and certain softwares could make this difficult to achieve like fixing a domain controller.

AlecSadler , 56 minutes ago

At my org the security is so heavy that it’s a multi-step, multi-tier fix (meaning the one Helpdesk person has to escalate, the first tier that gets it has one password but not the other, that has to go to second tier, etc.)

They announced weekend hours all weekend on Friday and given we’re talking tens of thousands of potentially impacted systems, my guess is it absolutely won’t be done by Monday. That doesn’t necessarily mean business is dead in the water, but it’s definitely more chaotic and slow moving.

SchmidtGenetics , 4 hours ago

Little late, new information came out and they broke other OSs months ago… but no one noticed…

boredsquirrel , 4 hours ago

I wonder why

DmMacniel , 4 hours ago

My guess are Redundancy, proper rollbacks and or testing.

SchmidtGenetics , 3 hours ago

Not used on critical systems, it affected computers, a client had to inform them even.

Marduk73 , 3 hours ago

Windows RG

thisbenzingring , 2 hours ago

On a secure closed network, old code and DOS based Win3.x is fine. Those apps are so nice to support. Training young people on those old technologies is fun.