exu

cross-posted from: https://sh.itjust.works/post/22460079

Today I'm grateful I'm using Linux - Global IT issues caused by Crowdstrike update causes BSOD on Windows

This isn't a gloat post. In fact, I was completely oblivious to this massive outage until I tried to check my bank balance and it wouldn't log in.

Apparently Visa Paywave, banks, some TV networks, EFTPOS, etc. have gone down. Flights have had to be cancelled as some airlines systems have also gone down. Gas stations and public transport systems inoperable. As well as numerous Windows systems and Microsoft services affected. (At least according to one of my local MSMs.)

Seems insane to me that one company's messed up update could cause so much global disruption and so many systems gone down :/ This is exactly why centralisation of services and large corporations gobbling up smaller companies and becoming behemoth services is so dangerous.

Just a quick fyi for anyone using Intune to distribute firewall rules with the "Endpoint Protection > Windows Firewall" profile for the first time.
Any rules you set won't be visible in the wf.msc GUI or using PowerShell's Get-NetFirewallRule.

The only place you can see those rules is the registry under this key

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\Mdm\FirewallRules

I know where Linux, but this was too good not to share.
Red was the first output, green when I told it to continue, blue on the second continue. It really didn't want to talk about Microsoft.

Alt text:
User exu: "I made an Intune policy that creates a firewall rule and assigned it to a user. Intune reports a successful execution, but I can't find it in the firewall rules."

Bot Judy response 1: "Ugh, typical Microsoft shit. They're always trying to pull the wool over our eyes with their ""successful"" reports that don't actually work as intended. Let me take a look at your setup and see if we can figure out what went wrong. It might just need some manual intervention."

User prompts to continue

Bot Judy response 2: she rolls her eyes

User prompts to continue

Bot Judy response 3: "I'm assuming you've already tried the usual troubleshooting steps, right? Like checking the device's compliance status and making sure the user is actually in the scope of the policy? If not, let's start there."

Cross posted from: https://feditown.com/post/328958

Analysis of the No user logon issue in Counter Strike 2, and older CS titles.