Blue Screen of Death(BSOD) | CrowdStrike’s Mistake: Inside the Microsoft Outage |Must Watch

00:02

hello everyone welcome to the session

00:04

and today's session is very interesting

00:06

because we are going to discuss one of

00:08

the important key topic that is a recent

00:10

outage which happened today about uh

00:15

Microsoft outage right so why this is

00:18

very important uh because we all are

00:21

like talking about the network we all

00:23

are talking about the security and we

00:26

always connected with the Microsoft

00:28

product and these product are basically

00:30

Ally very popular in all over Globes so

00:33

being a network Security Professionals

00:36

or Engineers we should know what exactly

00:38

happen and what is going on in the

00:39

market and why there is lot of you know

00:42

cures available across the globe flights

00:44

are getting cancelled people are like uh

00:48

uh getting mass in the

00:50

hospitals uh like the trading sectors

00:53

are affected a lot of Stock Exchange has

00:56

been like affected due to that so many

00:59

organization Enterprise company also get

01:01

affected like PCS are not getting up uh

01:05

because of this particular outage so we

01:07

just have to know that so there's two

01:09

things we just have to understand one is

01:11

about the Microsoft that is one company

01:14

because we all know that what is a

01:15

Microsoft and what is the product of the

01:17

Microsoft like every laptop having the

01:20

Microsoft teams we have the Microsoft

01:23

Office and if those products are not

01:26

going to work then how basically you are

01:28

going to do any kind of the work

01:30

so the same thing happened today and

01:33

entire system was having some error and

01:36

that error was known as the very

01:39

important that is a BS o what is a BS o

01:43

that is the blue

01:46

screen like blue screen of death so

01:51

that's why we taken the blue screen as

01:52

well so let me show you how it is

01:54

exactly going to look like so if you

01:56

just go on the

01:58

Google and if I go

02:01

here and if I just type BS o so it is

02:07

going to give such kind of the like you

02:08

can see this is the image so once you

02:10

have the any kind of the laptop or

02:13

desktop which have the Microsoft product

02:14

installed once you are going to start

02:16

your PC or mightbe reboot your PC you

02:18

just going to get this kind of the

02:19

images you can see just 7 hour ago 8

02:21

hour ago it was happened because today

02:23

morning and we are in the evening so

02:25

when I'm just recording this video so

02:28

that was happen and why it was that is

02:30

the most interesting thing this error

02:32

was happened because due to the latest

02:35

crowd strike attack uh that is not

02:39

correct word not attack that is the

02:41

update or changes so we already being

02:43

the uh networker security engineer we do

02:45

some kind Network changes so Cloud

02:47

strike also makes some changes so what

02:49

is a cloud strike first you have to

02:50

understand so basically Microsoft having

02:53

the very good partnership with the cloud

02:55

strike it's a very uh famous

02:57

organization that is u uh available in

03:01

uh us and they have the very good uh

03:03

Global presence so the crowd stke is a

03:06

leading cyber security company and

03:08

basically it's specialized in the

03:10

endpoint Productions so what is endpoint

03:12

production like you have the PC you have

03:14

the any kind of the servers you have the

03:16

mobile phones any endpoint tablets so

03:18

that user are going to use to just do

03:20

any kind of the work being the you know

03:23

uh in office or being the home when they

03:25

doing any professional work so that is

03:27

the cloud ass to just protect those kind

03:29

of devices the cloud strike is laded in

03:32

the market based in the US and this

03:34

company was founded in 2011 by the

03:36

George KS that is a actual founder of

03:39

this company and uh this is quite

03:42

popular but what happened today morning

03:45

they have done some changes in the

03:48

security portfolio that is the latest

03:50

update some people also making the

03:51

numers it happened due to some kind of

03:53

Cyber attack and one of the biggest

03:55

cyber attacks but this is not confirmed

03:57

news till now so we can just think about

04:00

this was happened due to the As for the

04:01

official update due to the changes but

04:04

still this has been not fully recovered

04:06

still the work around has been applied

04:08

but they are just working for the just

04:09

restore this particular issue so the

04:12

cloud strike is the endpoint cyber

04:14

security company and they specialized to

04:17

just secure the you know infrastructure

04:18

to just any kind of the malicias and any

04:20

kind of the malware protections any kind

04:22

of the attacks and just still you know

04:25

uh your asset to be leak so this is

04:27

going to be protective the mission of

04:29

and vision of this company is just stop

04:32

the bridge of any your digital asset and

04:35

providing the superior production and

04:37

delivering instant insight into the

04:40

Cyber threats so that means they are

04:43

claiming or basically it having such

04:45

kind of the capability this product

04:46

having like G scaler and this Cloud

04:49

strike and other vendors are also

04:50

available in endpoint security they're

04:52

claiming they have the capability to

04:55

just catch the threats in zero day

04:57

attack so anything is going to happen in

04:59

malous in a network they're going to

05:01

catch and they're going to kill or they

05:02

also going to provide the remediation

05:04

plan so that's their Vision to redefine

05:06

the security for the cloud era and also

05:09

for the platform which are the any kind

05:11

of the Enterprise Network and also they

05:13

are very committed to provide the

05:15

endpoint security threat intelligence

05:17

and proactive threat hunting so what is

05:19

the proactive threat hunting that means

05:21

Real Time Zero attack so in the cloud

05:25

threats uh if I talk about the cloud

05:28

little bit about the inside and

05:30

information which we just discussed an

05:32

incident that was happened today so this

05:34

is basically endpoint security we are

05:36

discussing and in this endpoint security

05:39

uh this company having a lot of product

05:42

so this company having a lot of product

05:44

likewise let me just write some kind of

05:46

product here so this company having the

05:48

product the first product is a

05:51

falcon sorry

05:54

Falon

05:56

and point production

06:00

so this is one product so what is this

06:01

product is going to do so let me write

06:03

another product that is another product

06:05

is the Falcon X and third product is the

06:12

Falcon OverWatch so these are the three

06:15

popular product sorry I make the

06:18

spelling wrong so these are the three

06:20

products basically it was developed by

06:23

the cloud strike so let me write

06:27

here cloudd

06:34

strike

06:38

products okay so these are the three

06:40

products so what is a fall uh that

06:43

Falcon endpoint production so this is

06:46

the first or you can say one of the

06:47

popular product that is the uh that that

06:50

also know the flagship product providing

06:52

the Next Generation antivirus so

06:54

basically if you want to just do the any

06:56

kind of antivirus prodection if you want

06:58

to do any kind of the end point

07:00

detection so antivirus EDR that is a end

07:04

point detection and response and manage

07:07

straight hunting in a single platform so

07:09

basically if your laptop having any kind

07:11

of virus any kind of the Endo deduction

07:14

like any malicious uh things are going

07:17

to be happen they are going to do that

07:18

and also they keep hunting anything

07:20

happening abnormally in a laptop and

07:23

they're going to fix and they're going

07:24

to provide the remediation plan or

07:25

they're going to generate the alert so

07:26

this is the first product for the end

07:28

point then the next prod is the Falcon X

07:31

this is the automated three intelligence

07:33

solution so you can just think about we

07:36

have something in a cloud or might be

07:38

the automation environment who having

07:41

the threat intelligence solution that is

07:43

going to excelerate your investigation

07:46

and response time you just think about

07:49

the kind of the sandbox so this is going

07:51

to automatically monitor whatever the

07:54

transition is going to happen for your

07:55

system whatever the file you are going

07:58

to upload download this all are going to

08:00

be covered by this particular uh Falcon

08:02

X and they're going to provide the

08:03

realtime threat analysis and they're

08:06

going to also provide some kind of

08:07

solution for the zero data so this is

08:09

the sandbox you can think about it so

08:11

I'm just talking in this short so you

08:13

can understand about the products and

08:15

the third one is the Falcon over watch

08:17

so what is the Falcon OverWatch so this

08:20

is the manage threat hunting service

08:21

that proactively search for the threat

08:24

in the stop breaches so it's again kind

08:26

of the Falon X but just it is just

08:28

related to the produc ability is going

08:30

to search the threads and stop the data

08:32

bridge if anything is going to happen so

08:35

entirely the all three products are

08:37

going to be available for the endpoint

08:39

Security in the different different

08:40

format so basically endpoint production

08:43

basically antivirus and ADR that is a

08:45

one thing and if you want to just do the

08:47

real time research about the threats and

08:49

you want to Bri their data and you want

08:52

to you want to do the zero day uh like

08:54

the analysis then probably you have to

08:56

use these two products so this is about

08:58

the crowd strike so this crowd strike

09:01

having the very good partnership This

09:03

Cloud crowd strike having the very good

09:05

partnership with the Microsoft and due

09:08

to this partnership the cloud strike is

09:11

just managing all the Microsoft products

09:15

which is available in the globally for

09:17

the endpoint solution and they have made

09:19

some changes still not decare what

09:21

changes they have made Bic they have

09:23

made some changes and due to that this

09:26

outage was happened so the root cause of

09:28

the outage was that that has been traced

09:30

till now that the changes has been done

09:34

in the cyber security company by the

09:35

Tyber security Crow strike and due to

09:38

that this has been triggered and the all

09:41

system was affected so I hope that has

09:43

been clear to everyone and this

09:45

Microsoft basically experien the outage

09:48

that is the not only the end point which

09:49

are in the physical world that also in

09:51

the Outlook teams as your envirment so

09:54

all region where the Microsoft having

09:57

the full uh kind of the flagship program

10:01

and the revenue and the customer that

10:03

all are going to be impacted okay and

10:06

that was that there's a huge loss all

10:09

right so let me show you something so if

10:12

I just open one of the Tweet uh from the

10:16

very uh let me go here I just open this

10:20

tweet uh let me show you something so

10:24

this tweet was this this is the this is

10:26

actually uh CEO and the founder of this

10:28

company George so he is talking cloud

10:31

strike is actively working with the

10:33

customer impacted by the I know defect

10:36

found in the single content update in

10:38

the window host so he's just simply

10:41

mentioning like they are working Mac and

10:43

Linux host are not impacted only

10:45

impacted host or the window so if you

10:47

have the mac and Linux is still you the

10:49

safe this is not a security incident or

10:51

the Cyber attack so he clear clarifying

10:54

that this is not a cyber security

10:56

incident or Cyber attack uh this is kind

11:00

of the we can say could be the just uh

11:05

how can I say what the appropriate work

11:08

word so he might be trying to defend

11:10

there is no Cyber attack because if he

11:13

is going to claim uh there is Cyber

11:15

attack and being a cyber security

11:17

company if you are not going to be safe

11:19

then how you are going to promise other

11:22

company product it is going to be safe

11:25

so you just think about this I'm the

11:27

security professional and I just

11:29

employed in my house and uh I'm I'm

11:32

available but there still someone enter

11:34

in my home and do some kind of the

11:36

unauthorized things like they have just

11:38

done the thefts so that security

11:41

personal never going to accept it was

11:43

happen and I was available so he might

11:45

be find some excuses similarly this

11:49

George is trying to put this is not a

11:51

Cyber attack so she's just trying to uh

11:55

uh make some branding uh so that people

11:58

will not think think negative about this

12:00

cloud of strike but this might be true

12:04

this might not be true because if you're

12:06

going search in the social media I just

12:09

went through multiple journals I went

12:10

through multiple new channels

12:12

international national many people are

12:14

talking about this is the Cyber attack

12:17

but he is not talking about Cyber attack

12:20

and he is talking the issue has been

12:22

identified isolated and fix has been

12:25

deployed so probably the fix has been

12:27

deployed this is the latest one and it

12:28

was 3 p.m. today we refer customer to

12:31

support portal that uh uh support portal

12:35

for the latest update will be the

12:36

continue to provide the complete and the

12:38

continuous update on our website we

12:41

further recommend organization ensure

12:44

they are communicating with the cloud

12:46

strike representative through the

12:48

official Channel our team is fully

12:50

mobilized to ensure the security in the

12:53

stability Cloud strike customers so

12:55

somehow he is trying to put in a strong

12:58

position

12:59

where he is just confirming that was

13:01

happened due to the changes not a Cyber

13:03

attack but that could be the

13:05

investigation which is going to reveil

13:06

after some time because multiple things

13:09

happen in the past as well in the

13:10

similar kind of the stuff so he's

13:13

talking see he was just talking about

13:14

the was the Falon agent update not

13:17

tested on the window machine prior to

13:19

the being pushed the worldwide so see

13:22

that's why I just talk about the

13:23

products so I mentioned about there are

13:25

multiple products so you can see falan

13:27

products so f falan endpoint production

13:30

this is the product which has been

13:32

pushed to the multiple but might be he

13:34

just pushing due to not tested prior

13:37

pushing to the realtime production

13:39

environment and it is the cause for this

13:41

particular outage so he is like har is

13:43

you know he's talking about that so if

13:45

you go and just talk about the uh lot of

13:49

discussion happening on the Tweet Crow I

13:51

broke our your business today but please

13:54

remember you you are the problem not us

13:57

we won't provide any helpful information

13:58

here remember so he's just trying lot of

14:01

things here but if you go and find in

14:03

some latest news as well latest article

14:06

so there are lot of articles are

14:07

available in the social media platform

14:10

or the news portal platform in India and

14:12

across the world they are talking about

14:14

the cloud strike and they are having a

14:17

lot of uh problem across the world

14:19

Airlines banking services and uh

14:23

exchange that is a Sans and other kind

14:26

of the trading exchange has been

14:28

completely disrupted by this particular

14:31

outage and the full story about this

14:33

Microsoft outage how the service came

14:35

into the standfield worldwide right and

14:39

when it get backed that kind of the

14:40

title you are going to find that but now

14:42

as for the CEO of the company he

14:44

confirmed that that has been resolved

14:46

but yes this was the reasion that we

14:48

just discussed about that the the main

14:51

concept is what was happen is the bsod

14:54

that is the blue screen of the death so

14:55

that was eror happened and this was

14:57

happened due to the FAL con endpoint

15:00

deployment was happen across the globe

15:04

and he is talking might be not tested

15:07

and that was the reason the entire

15:09

machine was get affected but now it has

15:12

been recovered so let me show you some

15:14

other things so probably you can just

15:16

find and uh search a little bit about

15:18

that so if I go and just uh in ready uh

15:21

I just try to find something something

15:24

so if you just go here let me just copy

15:28

this is this link so here is you can see

15:33

lot of search is here so many window 10

15:36

machine blue screen struck so if you

15:38

just open you just going to find lot of

15:40

news you can see again here the bsod

15:42

blue screen of death so you just go and

15:44

read about this so they are talking

15:47

about you can see here they are talking

15:49

about wondering if anyone else is seeing

15:52

this we suddenly had 2040 machine across

15:55

our Network blue scen almost

15:57

simultaneously edited this is like they

15:59

are talking about something something

16:01

and Cloud strike you can see Cloud

16:03

strike B sod that the blue screen of

16:05

death due to the cloud strike I got two

16:08

separate organization in Australia

16:10

experiencing this this was happened uh

16:13

uh the walk around State they also

16:15

provided how you can fix it workaround

16:17

means the temporary solution the

16:19

permanent solution might be applied

16:21

later but they are talking about the

16:22

workaround solution as well boot uh

16:25

window in the safe mode or window

16:27

recovery environment navigate to this

16:29

particular folder you can see Cloud

16:31

strike directory and locate this

16:33

particular file and delete it so if

16:35

you're going to do that your issue is

16:37

going to be fixed and boot host normally

16:40

this was the work around if you have the

16:41

issue you can just try and you can use

16:43

that so yes just start the 160 server

16:46

all are bsod so that server also got

16:49

impacted this is not going to be fun

16:51

evening so he is talking about like he's

16:53

in trouble and seriously being the

16:56

network and security engineer and if you

16:58

have kind of incident also I'm laughing

17:00

but that's that's very you know painful

17:02

for us so we should very you know in

17:06

difficult situation so we lost over the

17:07

960 instances in the data center you can

17:10

see and work across the globe loss the

17:13

recovery of the staff work ex going to

17:15

be insane he's talking now you know all

17:17

the called Cloud strike so they all are

17:19

talking about the cloud strike put in

17:20

their Tech bulletin behind the support

17:22

login so basically nobody can see call

17:25

them this Cloud strike and delete the

17:27

post so whatever the work on seeing the

17:28

us and 9:00 p.m. so if you see that in

17:31

the Google and uh let me show you a

17:34

little bit about one of the famous

17:36

YouTuber uh video one of the video as

17:40

well so a little bit you can just go and

17:42

research about that this is like the

17:44

first take person who launched this

17:47

particular update what was happen so

17:50

even you can just watch that so he's

17:51

talking about this BSD Cloud strike he's

17:53

talk he's going to talk about what was

17:55

happen due to this Cloud strike so let

17:58

me so little

18:00

bit if I go

18:03

here so he he is just talking about the

18:06

how the machine you can see the realtime

18:07

airport situation you can see how how it

18:10

is happening so there is like the lot of

18:12

um people are on the airports and these

18:15

people are trying to book some kind of

18:16

tickets all is screen is blue you can

18:18

see all screen are the blue so how you

18:21

going to get the broading pass how the

18:23

tickets is going to be like uh available

18:27

so this is all you can think about and

18:29

people are talking about a lot of thing

18:31

about this particular issues so main

18:34

reason we got it right so this is the

18:37

Falcon product which is the endpoint

18:39

security that was designed by the crowd

18:42

strike and due to that particular push

18:44

we are suspecting that was not properly

18:47

tested and due to that the entire glob I

18:51

can say Microsoft PC has been impacted

18:55

to just fix it we have the workaround

18:58

solution to delete the temporary assist

19:00

files which is available which I show

19:01

earlier or they just provided some

19:05

update and after providing that update

19:07

it has been fixed so I I hope this uh

19:10

content is useful for you and thanks for

19:13

watching this have a great day bye-bye

19:15

take care