this post was submitted on 19 Jul 2024
169 points (96.7% liked)

Technology

59428 readers
4396 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

https://web.archive.org/web/20240719155854/https://www.wired.com/story/crowdstrike-outage-update-windows/

"CrowdStrike is far from the only security firm to trigger Windows crashes with a driver update. Updates to Kaspersky and even Windows’ own built-in antivirus software Windows Defender have caused similar Blue Screen of Death crashes in years past."

"'People may now demand changes in this operating model,' says Jake Williams, vice president of research and development at the cybersecurity consultancy Hunter Strategy. 'For better or worse, CrowdStrike has just shown why pushing updates without IT intervention is unsustainable.'"

top 25 comments
sorted by: hot top controversial new old
[–] floofloof@lemmy.ca 39 points 4 months ago (2 children)

How did the update get through testing, if the bug has an immediately obvious catastrophic effect?

[–] Telorand@reddthat.com 35 points 4 months ago (1 children)

Agreed, this seems like a pretty obvious failed smoke test.

Three options seem likely to me: the build was untested, the final package got corrupted after testing, the test environment has some kind of abberant config that hid the defect.

[–] jlh@lemmy.jlh.name 16 points 4 months ago

Kernel drivers are "reviewed" and signed by Microsoft for exactly this reason. It's a security risk if any program an administrator runs could load malicious kernel drivers into windows

[–] Rolder@reddthat.com 4 points 4 months ago (1 children)

Something I have heard (take with a grain of salt) is that there was a new windows update that went out just before the crowdstrike update. And the issue happened with the new windows update.

[–] EncryptKeeper@lemmy.world 7 points 4 months ago

Not the case. I have dozens of servers last updated in May that crashed.

[–] lnxtx@feddit.nl 24 points 4 months ago

Read-only friday, right? Right...?
Poor sysadmins.

[–] radivojevic 24 points 4 months ago (1 children)

Pretty good test to see how easy it would be to shut the world down. Uninstall CrowdStrike.

[–] floofloof@lemmy.ca 14 points 4 months ago* (last edited 4 months ago) (2 children)

I'm sure Russia is taking note. Its computers were unaffected due to having no Crowdstrike installations. China too, apparently.

[–] radivojevic 4 points 4 months ago

I’m sure they have their own solution for that, but yes, it would be unwise for a government to install software maintained by a foreign country. Kind of like voting booths.

[–] jlh@lemmy.jlh.name 1 points 4 months ago

China and Russia are switching to Linux, too.

[–] MeekerThanBeaker@lemmy.world 5 points 4 months ago (1 children)

And this happens the same week that Kaspersky left the U.S.

They are laughing internally right now.

[–] greybeard@lemmy.one 11 points 4 months ago (1 children)

Kaspersky has caused BSODs because of updates in the past as well. Hardly an AV maker hasn't. The problem here is that Crowd Strike has captured the enterprise market in a large portion of the globe.

[–] MeekerThanBeaker@lemmy.world 1 points 4 months ago

Oh I'm well aware. I hated deploying Kaspersky. But we switched to Crowdstrike last year and now this happened. Just a funny coincidence.

Luckily, we're a small company and a third use Macs. The others, well, I had three PC laptop and one virtual server issues. Not too bad. We're on the West Coast so glad I was aware of it last night when Australia got issues.

[–] paraphrand@lemmy.world 1 points 4 months ago

Every time our IT tells PC users to just leave their computer on for X hours so it gets updates, I wonder how that can be a great system.