CrowdStrike effectively bricked windows, Mac and Linux today.

Windows machines won’t boot, and Mac and Linux work is abandoned because all their users are on twitter making memes.

Incredible work.

  • themeatbridge@lemmy.world
    link
    fedilink
    arrow-up
    44
    ·
    5 months ago

    It’s also a strong indicator that companies are not doing enough to protect their own infrastructure. Production servers shouldn’t have third party software that auto-updates without going through a test environment. It’s one thing to push emergency updates if there is a timely concern or vulnerability, but routine maintenance should go through testing before being promoted to prod.

    • PainInTheAES@lemmy.world
      link
      fedilink
      arrow-up
      27
      ·
      5 months ago

      It’s because this got pushed as a virus definition update and not a client update bypassing even customer staging rules that should prevent issues like this. Makes it a little more understandable because you’d want to be protected against current threats. But, yeah should still hit testing first if possible.

      • suction@lemmy.world
        link
        fedilink
        arrow-up
        11
        ·
        5 months ago

        If a company disguises a software update as a virus definition update, that be a huge scandal and no serious company should ever work with them again…are you sure that’s what happened?

    • Baggie@lemmy.zip
      link
      fedilink
      arrow-up
      5
      ·
      5 months ago

      100% agree. I haven’t been on the backend of managing crowdstrike so I don’t know if this is a option, but running a wsuz server and manually weeding out bad updates was such an improvement over rawdogging windows updates.