…according to a Twitter post by the Chief Informational Security Officer of Grand Canyon Education.

So, does anyone else find it odd that the file that caused everything CrowdStrike to freak out, C-00000291-
00000000-00000032.sys was 42KB of blank/null values, while the replacement file C-00000291-00000000-
00000.033.sys was 35KB and looked like a normal, if not obfuscated sys/.conf file?

Also, apparently CrowdStrike had at least 5 hours to work on the problem between the time it was discovered and the time it was fixed.

    • feannag@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      18
      arrow-down
      2
      ·
      4 months ago

      The outage only affected the Windows version of Falcon. OSX and Linux were not affected.

      • PythagreousTitties@lemm.ee
        link
        fedilink
        English
        arrow-up
        5
        arrow-down
        22
        ·
        edit-2
        4 months ago

        This time. Last time it did affect Linux. It doesn’t have anything to do with Microsoft.
        Sorry to burst your bubble.

          • PythagreousTitties@lemm.ee
            link
            fedilink
            English
            arrow-up
            3
            arrow-down
            24
            ·
            4 months ago

            Windows kernel drivers are signed by Microsoft. They must have rubber stamped this for this to go through, though.

            Try to keep up.

        • blind3rdeye@lemm.ee
          link
          fedilink
          English
          arrow-up
          10
          arrow-down
          2
          ·
          4 months ago

          In this thread we’re talking about the recent problem with CrowdStrike on Windows that brought down various services around the world. So I don’t know who’s bubble you think you’re bursting by talking about something else.