• DigitalDilemma
    link
    fedilink
    English
    31
    edit-2
    5 months ago

    It seems to be crowdstrike reacting to the new update.

    We have got ours up by the very manual process of:

    1 Boot into safe mode.

    1. Navigate to C:\windows\system32\drivers\crowdstrike

    2. Delete C-00000291*.sys

    3. Reboot normally

      • @Ooops@feddit.org
        link
        fedilink
        85 months ago

        It’s the other way around. All those PCs are bluescreening at boot. So that prevents fixing the system remotely and on a large scale. Now poor IT guys have to fix evey single one by hand.

      • DigitalDilemma
        link
        fedilink
        English
        35 months ago

        It has a privileged service running locally - csagent.sys - that was crashing causing the BSOD.

      • Destide
        link
        fedilink
        English
        1
        edit-2
        5 months ago

        Missing data in the boot sequence if that data is stored as a cloud init or a key is needed for auth during boot. So if you’re running thin clients and rely on something like Ansible, but now the thin client can’t get to the service it can’t boot, so critical error.

      • @lmaydev@lemmy.world
        link
        fedilink
        1
        edit-2
        5 months ago

        I guess if the code acted as if it got a valid response without checking it could get into a very weird state. Or the code just fails hard.

        At the driver level it’s very easy to kill things.