Yeah we good. The fix was ezpz and even a company with several thousand servers should be up now. End user workstations may take more effort, but it’s a 5 min fix per user.
Honestly this was half as stressful as Print Nightmare was, from an IT perspective.
Glad it wasn’t too bad for you/y’all.
Unfortunately, I wiped my computer Thursday night before our company mentioned anything. lol. I ended up finding out about the issue on Lemmy/Reddit. My company didn’t send anything out until this morning - which I still find insane, my laptop crashed and started looping around 7p (took them like 12 hours).
My laptop just rebooted while I was working so I assumed some program I’d installed caused it (explorerpatcher). I tried everything, safe mode, system restore, uninstall updates. I figured the only option left was to reinstall Windows. Done it plenty of times on my personal PC.
Oh well, lesson learned. Shit’s totally fucked now. It won’t even connect to the Internet. lol. Definitely a Monday problem though
Hold up… You thought maybe you downloaded malware (which in this case that was not the only cause) so you took it upon yourself to reinstall Windows on a company-issued laptop?
Why are you trying to fix it? Submit an IT ticket and it’s their problem.
If you suspect malware, alert IT security immediately. Many malware act as a gateway to lock other systems. Yes you might get in trouble but I’d rather be yelled at for downloading something then yelled at for infecting my company servers with ransomware/malware.
At least in my company a computer connecting without a company-supplied image of Windows will be denied. Completely understand you not connecting to the internet.
This problem was not caused by you but could of been… Take this as a lesson to be more proactive in the future.
Could have. Have.
Or just “could’ve”
You missed a then/than as well
They might have a BYOD policy at work where they remote into an Azure desktop or something and then reinstalled Windows on their physical device. Who knows. But yeah, they still should have notified their security personnel at the very least before taking any further action, lol.
Yeah #2 is a big one. I’ve had to deal with a user who got hit by a supply chain attack, and doing forensics on their box was invaluable.
If they’d wiped their desktop as soon as it got compromised, we’d have nothing to go off of. I’d expect that user to be in some pretty serious trouble tbh for violating our security policy by not notifying us immediately.