829

CrowdStrike downtime apparently caused by update that replaced a file with 42kb of zeroes(twiiit.com)

posted
*
by
Avatar
Aatube@kbin.melroy.org
in
Avatar
technology@lemmy.world
182 comments
hidereport

…according to a Twitter post by the Chief Informational Security Officer of Grand Canyon Education.

So, does anyone else find it odd that the file that caused everything CrowdStrike to freak out, C-00000291-
00000000-00000032.sys was 42KB of blank/null values, while the replacement file C-00000291-00000000-
00000.033.sys was 35KB and looked like a normal, if not obfuscated sys/.conf file?

Also, apparently CrowdStrike had at least 5 hours to work on the problem between the time it was discovered and the time it was fixed.

Sort:
HotTopControversialNewOld
You are viewing a single thread.
View all comments View context
Avatar
Gork@lemm.ee
42 points

Ah, makes sense. I guess a driver would completely freak out if that file gave no instructions and was just like “…”

permalink
report
parent
reply
Avatar
PriorityMotif@lemmy.world
-14 points

You would think that Microsoft would implement some basic error handing.

permalink
report
parent
reply
Avatar
planish@sh.itjust.works
37 points

That’s what the BSOD is. It tries to bring the system back to a nice safe freshly-booted state where e.g. the fans are running and the GPU is not happily drawing several kilowatts and trying to catch fire.

permalink
report
parent
reply
Avatar
TimeSquirrel@kbin.melroy.org
-11 points
*

No try-catch, no early exit condition checking and return, just nuke the system and start over?

permalink
report
parent
reply
Show more comments
Avatar
Kaboom@reddthat.com
6 points

For most things, yes. But if someone were to compromise the file, stopping when they see it invalid is probably a good idea for security

permalink
report
parent
reply

Technology

!technology@lemmy.world

Create post

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

Community stats

  • 18K

    Monthly active users

  • 12K

    Posts

  • 553K

    Comments

Community moderators