this post was submitted on 20 Jul 2024
389 points (94.7% liked)

Technology

59086 readers
3760 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

Cybersecurity firm Crowdstrike pushed an update that caused millions of Windows computers to enter recovery mode, triggering the blue screen of death. Learn ...

you are viewing a single comment's thread
view the rest of the comments
[–] dan@upvote.au 9 points 3 months ago (3 children)

Could you just revert VMs to a snapshot before the update? Or do you not take periodic snapshots? You could probably also mount the VM's drive on the host and delete the relevant file that way.

[–] EncryptKeeper@lemmy.world 10 points 3 months ago (1 children)

Yes you can just go into safe mode on an affected machine and delete the offending file. The problem is it took a couple hours before that resolution was found, and it has to be done by hand on every VM. I can’t just run an Ansible playbook against hundreds of non-booted VMs. Then you have to consider in the case of servers, there might be a specific start up order, certain things might have to be started before other things and further fixing might be required given that every VM hard crashed. At the minimum it took many companies 6-12 hours to get back up and running and on many more it could take days.

[–] dan@upvote.au 4 points 3 months ago

Makes sense - thanks for the details.

[–] UnsavoryMollusk@lemmy.world 1 points 3 months ago

This is assuming you have those access. Some companies can sometimes be a bit .... Stupid.

[–] Joelk111@lemmy.world 1 points 3 months ago* (last edited 3 months ago)

Yeah, like the other person said, corporate IT is responsible for that stuff. I guess they're working through the weekend to try to get it fixed.