This rollercoaster is not over yet. There's a crowdstrike issue causing windows machines/servers to brick globally and this industry is heavily windows dependent. It may or may not be related to the Azure issue but it's suspicious to me.
https://www.reddit.com/r/crowdstrike/comments/1e6vmkf/bsod_e...
I have never heard of crowdstrike. Is that some kind of antivirus? How is that related to PCs not booting? And why does it affect so many PCs if I've never heard of it? I'm so confused
It's enterprise anti-malware that [in addition to other bits] has a client component installed on all PCs in the corporate network. An update to that client component (called an "endpoint") is causing those Windows machines to BSOD.
It's unlikely you'd have heard of it unless you've worked at a large enterprise that runs primarily Microsoft IT.
Crowdstrike does have Mac/Linux "endpoints" also (IIRC) but I'm unsure if they're affected as well.
We have this crap running on our computers, and only Windows boxes seem affected.
On Linux this isn't running in kernel mode (our kernels are too up-to-date) and we don't seem to have any issue there.
Haven't heard anything about macs though.
MacOS seems to be fine (or I was too late to get an update)
MacOS does not allow kernel extensions anymore luckily
My company MacBook with the falcon client does not seem to be affected by this.
MacOS does not allow kernel extensions anymore so these kinds of crashes cannot happen. The falcon client on Mac hooks into another layer
The problem is seemingly specifically in the Windows driver, you're unlikely to see an issue if you're not running Windows.
I've never seen a non-Windows machine tbh. But our IT just send out an update that we don't use crowdstrike. Strange that I never heard of it if it's so widespread. But thanks
You'll see this software more in highly regulated areas. Think Government, finance, travel. It exists mainly to check a compliance box.
The Windows claim is a little misleading. We used Linux where I last encountered this. I expect Windows is where problems are manifesting this time; BSOD and kernel panics with this aren't new!
CrowdStrike seemingly came out of nowhere but has existed for a while... I think it's suspicious.
Have we not learned from SolarWinds and company? The vendors become part of your posture. Consolidating far too much
The problem seems to be in a device driver installed by Crowdstrike - so I'm guessing whatever the bug is, it's specific. to their Windows product.
Windows complains about some page fault or something in a file name csagent.sys. On my machine this file hasn't changed in several days, but the issue only happened this morning like for everyone else.
This looks suspiciosly a case of "let's download random crap from the web and run it in kernel space. what could possibly go wrong?"
They make security software that is really popular in various industries.
Baffling name. Sounds more apt for a DDoS service.
They make malware that steals funds from corporations (willingly!) so these corps can tick a security checkbox for some certification investors have been told is paramount; it's just disguised as security software.
Europe will wake up to flood of problems as well. This needs to be at the top of HN. We are experiencing multiple issues here in EU.
This issue feels extremely widely spread.
Maybe we don't hear ppl complaining because we're offline? :)
Berlin airport is down
A few others as well, it seems.
Just in time for the beginning of school holidays in Berlin. Today, they expected 86.000 travelers in BER alone (https://www.airliners.de/flughafen-ber-erwartet-rekordzahl-p...)
Maybe they have rolled back the update and Windows boxes in Europe are no longer pulling it?
They did around 8:30 CEST (6:30 GTM) as I understand it. Some of our servers managed to unbork themselves after a number of boot loops, but not all.
Ryanair is unable to check in passengers online. You can check in at the airport.
I had to physically stand in a queue for about 8 hours for a Ryanair customer support desk in an airport when the airport runway was closed by 1-2cm of snow.
I forget the exact timing and can't be bothered to look up my notes, but it was something like 11pm to 7am at the origin airport for a flight that was supposed to have landed at the destination around 8pm, as we were also stuck on the runway for an hour or so and even getting that far had been delayed.
The replacement flight the next day was also cancelled even though the airport was open.
I ended up taking a ferry and a train, and that was still simultaneously faster than the next available Ryanair replacement flight and cheaper than any other provider on short notice. Fortunately I had an understanding boss who didn't mind me arriving 4 days later than expected, and also a place to crash for free while working out the best route home.
it's already noon in central europe and yes everythings fucked. except for the linux powered companies
On the wireless they are reporting a bad Crowdstrike update and a major Azure failover in central USA as separate events, are they they the same or different?
They seem either unrelated, or the Azure one was caused by CrowdStrike.
Too many black swans the same day, I'd guess Azure is running Crowdstrike software.
Azure having problems is not a black swan event.
Fair point.
A whole lot of people are running Crowdstrike in the cloud and on local PC An crowdstrike update last night caused a windows kernel panic Azure/Crowdstrike personel have spend rolled back the update in the cloud Local IT people will have to revert it from local machines manually
Almost certainly Azure using Crowdstrike on Windows in one way or another.
Not surprising that AWS and GCP don't seem to be hit as they wouldn't run anything on Windows, unlike Azure, who I'm sure are forced to do so under MS' infamous interdepartmental structure.
Ugh.
Though I can image there's a Azure market for "Citrix server" kinda thing in the cloud
(or maybe it's SaaS - Solitaire as a Service)
true, got some insights why this happened https://medium.com/@confusedcyberwarrior/when-security-becom..., but how they didn't had an update process like testing or QA?
Companies using Windoze for anything touching customer business should get sued by their customers.
Yeah, it's far from just airlines affected.
https://www.abc.net.au/news/2024-07-19/global-it-outage-crow...
HN discussion here - needs to be on the front page - here in NZ ATMs, supermarkets, satellite TV channels are all down
https://news.ycombinator.com/item?id=41002195