Some bad code just broke a billion Windows machines

Fireship
Fireship
2,311,975
0
Published 2024-07-19
Cybersecurity firm Crowdstrike pushed an update that caused millions of Windows computers to enter recovery mode, triggering the blue screen of death. Learn how the Crowdstrike crash happened and its impact around the world.

#programming #cybersecurity #thecodereport #crowdstrike #windows

💬 Chat with Me on Discord

discord.gg/fireship

🔗 Resources

Crowdstrike Statement www.crowdstrike.com/blog/statement-on-falcon-conte…
XZ hack    • Linux got wrecked by backdoor attack  
Rabbit hack    • Rabbit R1 makes catastrophic rookie p...  

🔥 Get More Content - Upgrade to PRO

Upgrade at fireship.io/pro
Use code YT25 for 25% off PRO access

🎨 My Editor Settings

- Atom One Dark
- vscode-icons
- Fira Code Font

🔖 Topics Covered

- Crowdstrike failure explained
- How does windows kernel work
- What caused windows computers to crash?
- Cybersecurity
All Comments (21)
  • @tekalh7647
    The fact that it was an Antivirus that performed the single most successful malware attacks ever is just pure poetry
  • @strapatser9427
    Hiring 20 more project managers and 40 extra recruiters should prevent this in the future
  • @somethingsomething8511
    What the hell is their deployment process where they didn't catch this in testing? Like they ran the update, saw a blue screen of death and went "looks good, ship it"?
  • @debasishraychawdhuri
    If this kind of an upgrade can go through unchecked, imagine how easy it would be to pay one rogue engineer to deploy malicious code that can be exploited later at ease.
  • @SemGabelko
    "You can't hack a system if the system doesn't work! " - Cybersecurity intern pushing the update
  • @AVSbeats
    Everyone: DEV > TEST > PROD Crowdstrike: PROD
  • @sazzbot8874
    Honestly, this was truly a dangerous crash. And crowdstrike has been throwing stones and mocking Microsoft for months. And then they did this.
  • @garymartin9777
    this is why you don't push untested and uncontrolled updates to the world. Every single update has to be rigorously tested in-house and to a control group before an even larger test before pushing out the door.
  • @nicolascage4438
    My dad: Come on, it's just an internship, what's the worst that could happen? Me:
  • @ComDenox
    The alpha move of doing something that would make your stock value crash, but simultaneously freezing the stock market so that it can't.
  • @BeHappyWithUrLife
    As an IT manager this really hurt. Having to require a bitlocker key for 1000’s of laptops was a nightmare.
  • @jaunitaquinlivan
    poor employee probably overworked af. one person should never be able to deal this much damage. this company has flawed processes
  • @manteiga_de_pimenta
    I was fired last week from my IT job. Yesterday I woke up to a call from the company asking for help, as apparently they didn't have time to hire someone else capable of fixing it, I politely said that I was busy, hung up the call and laughed my ass off of them
  • @vkmi5776
    I also love the fact that Crowdstrike CEO, Kurtz, was McAfee CEO when something similar happened with Windows XP in 2010
  • @SeaMonkey137
    My boss and I had just had a conversation the day before about the risks associated with so many industries relying on "best practices" (French for "use what all the CEO's friends are using") for platform and enterprise software decisions.
  • @clray123
    They even named their cybersecurity company to sound like a DDoS attack.
  • @made13145
    the biggest problem is with laptops and other PC that completely standalone. With so many user scatter around in god knows where. And with windows that loves doing random shit, sometimes you can't even enter the recovery environment to get into the safe mode. So so much nightmare lmaoo
  • @jaunitaquinlivan
    Not just bad code but a short group of bytes in a very short string of code. Pure genius.