CrowdStrike effectively bricked windows, Mac and Linux today.

Windows machines won’t boot, and Mac and Linux work is abandoned because all their users are on twitter making memes.

Incredible work.

  • themeatbridge@lemmy.world
    link
    fedilink
    arrow-up
    78
    ·
    5 months ago

    It’s also a strong indicator that companies are not doing enough to protect their own infrastructure. Production servers shouldn’t have third party software that auto-updates without going through a test environment. It’s one thing to push emergency updates if there is a timely concern or vulnerability, but routine maintenance should go through testing before being promoted to prod.

    • PainInTheAES@lemmy.world
      link
      fedilink
      arrow-up
      41
      ·
      5 months ago

      It’s because this got pushed as a virus definition update and not a client update bypassing even customer staging rules that should prevent issues like this. Makes it a little more understandable because you’d want to be protected against current threats. But, yeah should still hit testing first if possible.

      • suction@lemmy.world
        link
        fedilink
        arrow-up
        22
        ·
        5 months ago

        If a company disguises a software update as a virus definition update, that be a huge scandal and no serious company should ever work with them again…are you sure that’s what happened?

        • PainInTheAES@lemmy.world
          link
          fedilink
          arrow-up
          1
          ·
          5 months ago

          Ah, was a bit off. The update disregarded update controls per reddit and I must have misunderstood what exactly the channel update did. I know for the sensors you can set how closely you want to track current releases but I guess the driver update is not considered under those rules. I use CrowdStrike in my day to day but not from the administrative side, sorry for the misinformation. Thanks for the details Gestrid.

    • Baggie@lemmy.zip
      link
      fedilink
      arrow-up
      11
      ·
      5 months ago

      100% agree. I haven’t been on the backend of managing crowdstrike so I don’t know if this is a option, but running a wsuz server and manually weeding out bad updates was such an improvement over rawdogging windows updates.