 Notice. New forum software under development. It's going to miss a few functions and look a bit ugly for a while, but I'm working on it full time now as the old forum was too unstable. Couple days, all good. If you notice any issues, please contact me. |
Forum Index : Microcontroller and PC projects : Global network outage affecting money cards all over the world....
  Page 3 of 3 |
|||||
| Author | Message | ||||
LeoNicolas Guru  Joined: 07/10/2020 Location: CanadaPosts: 503 |
This issue affects any Windows version updated with the CrowStrike's affected driver. It was not a Windows issue. For more info, watch this video: https://www.youtube.com/watch?v=wAzEJxOo1ts Edited 2024-07-22 07:27 by LeoNicolas |
||||
Grogster Admin Group  Joined: 31/12/2012 Location: New ZealandPosts: 9595 |
Yeah, that's a good video. I like his channel.  While the fix is quite easy via safe-mode, every affected machine has to have this done manually - I heard on the news last night, that this is up in the HUNDREDS OF MILLIONS of machines at this point.  I.T. people are going to be very busy fixing this mess. I suppose it could be worse. Not sure how, exactly, but it could have been worse.  Smoke makes things work. When the smoke gets out, it stops! |
||||
Mixtel90 Guru Joined: 05/10/2019 Location: United KingdomPosts: 7887 |
An awful lot of those machines are going to be rescued by booting to a little Linux from a USB stick. Windows password? Who cares? :) Linux saves the world! I bet we don't get to see that headline though. :) Edited 2024-07-22 16:06 by Mixtel90 Mick Zilog Inside! nascom.info for Nascom & Gemini Preliminary MMBasic docs & my PCB designs |
||||
| Grogster Admin Group Joined: 31/12/2012 Location: New ZealandPosts: 9595 |
Touché, Mick!  Smoke makes things work. When the smoke gets out, it stops! |
||||
Rickard5 Guru Joined: 31/03/2022 Location: United StatesPosts: 463 |
Dave explains what happen, How it's as much s M$ Problem as Management problem and the easy ;) And the delete one file fix :) I may be Vulgar, but , while I'm poor, I'm Industrious, Honest, and trustworthy! I Know my Place |
||||
| Mixtel90 Guru Joined: 05/10/2019 Location: United KingdomPosts: 7887 |
As Dave pointed out, the alternative is to write and sign a new Ring 0 driver every time you need virus signatures updating. You shouldn't be able to run non-secure code within Ring 0, which is effectively what Crowdstrike Falcon did. They did it for a sound reason though - there was no alternative way to do it. Their driver is shoddy though - it should be verifying that its data file is good before it attempts to use it. CRC check and test for out of range addresses at the very least. Not just a CRC - that wouldn't have caught it. And their QA is even worse - that file shouldn't have been able to get out of the door. It's a problem that's at such a low level that there's currently no solution, in any OS that I know of, apart from don't allow OEM level kernel code at all - and then you can't have effective virus protection. IMHO what's needed is a currently unavailable Ring 0.5, in which programs can't have any effect on Ring 0 and can't be affected by programs in Ring 1. That's a re-write of the whole OS and may even need changes within the CPU so that hardware can verify Ring 0 programs and filter out anything above. It can probably be done, but I suspect that it's not a retrofit - it's a new generation of computers. Mick Zilog Inside! nascom.info for Nascom & Gemini Preliminary MMBasic docs & my PCB designs |
||||
| PhenixRising Guru Joined: 07/11/2023 Location: United KingdomPosts: 1363 |
Crowdstrike. It's all in the name and it was a trial-run. Can't discuss here, however. |
||||
| Rickard5 Guru Joined: 31/03/2022 Location: United StatesPosts: 463 |
@Mick There is 1 US airline that ZERO problems though this. Dallas, Texas Based Southwest Airlines. Ya 'all Fancy Sophisticated People think we's a bunch of Backwards Bumpkins out here on the The Silicon Prairie, but Running windows 3.11 on Dos 6 behind a Cisco PXE Firewall is dead reliable :), and because it's lighter weight code running on modern Hardware, that network Screams ! I may be Vulgar, but , while I'm poor, I'm Industrious, Honest, and trustworthy! I Know my Place |
||||
| Page 3 of 3 |
|||||
 Print this page |
 |
The Back Shed's forum code is written, and hosted, in Australia. | © JAQ Software 2025 |
