[shrikant]

It's enterprise anti-malware that [in addition to other bits] has a client component installed on all PCs in the corporate network. An update to that client component (called an "endpoint") is causing those Windows machines to BSOD.

It's unlikely you'd have heard of it unless you've worked at a large enterprise that runs primarily Microsoft IT.

Crowdstrike does have Mac/Linux "endpoints" also (IIRC) but I'm unsure if they're affected as well.

[andyjohnson0]

> Crowdstrike does have Mac/Linux "endpoints" also (IIRC) but I'm unsure if they're affected as well.

The problem seems to be in a device driver installed by Crowdstrike - so I'm guessing whatever the bug is, it's specific. to their Windows product.

[vladvasiliu]

Windows complains about some page fault or something in a file name csagent.sys. On my machine this file hasn't changed in several days, but the issue only happened this morning like for everyone else.

This looks suspiciosly a case of "let's download random crap from the web and run it in kernel space. what could possibly go wrong?"

[bun_terminator]

I've never seen a non-Windows machine tbh. But our IT just send out an update that we don't use crowdstrike. Strange that I never heard of it if it's so widespread. But thanks

[bravetraveler]

You'll see this software more in highly regulated areas. Think Government, finance, travel. It exists mainly to check a compliance box.

The Windows claim is a little misleading. We used Linux where I last encountered this. I expect Windows is where problems are manifesting this time; BSOD and kernel panics with this aren't new!

CrowdStrike seemingly came out of nowhere but has existed for a while... I think it's suspicious.

Have we not learned from SolarWinds and company? The vendors become part of your posture. Consolidating far too much

[vladvasiliu]

>Crowdstrike does have Mac/Linux "endpoints" also (IIRC) but I'm unsure if they're affected as well.

We have this crap running on our computers, and only Windows boxes seem affected.

On Linux this isn't running in kernel mode (our kernels are too up-to-date) and we don't seem to have any issue there.

Haven't heard anything about macs though.

[red_Seashell_32]

MacOS seems to be fine (or I was too late to get an update)

[jurmous]

MacOS does not allow kernel extensions anymore luckily

[jachee]

My company MacBook with the falcon client does not seem to be affected by this.

[Klonoar]

The problem is seemingly specifically in the Windows driver, you're unlikely to see an issue if you're not running Windows.

[jurmous]

MacOS does not allow kernel extensions anymore so these kinds of crashes cannot happen. The falcon client on Mac hooks into another layer