How One Bad CrowdStrike Update Crashed the World’s Computers - eviltoast

https://web.archive.org/web/20240719155854/https://www.wired.com/story/crowdstrike-outage-update-windows/

“CrowdStrike is far from the only security firm to trigger Windows crashes with a driver update. Updates to Kaspersky and even Windows’ own built-in antivirus software Windows Defender have caused similar Blue Screen of Death crashes in years past.”

“‘People may now demand changes in this operating model,’ says Jake Williams, vice president of research and development at the cybersecurity consultancy Hunter Strategy. ‘For better or worse, CrowdStrike has just shown why pushing updates without IT intervention is unsustainable.’”

  • bamboo@lemm.ee
    link
    fedilink
    English
    arrow-up
    1
    ·
    3 months ago

    What do you mean “no side update channels”? There are lots of software that update outside of a distro repo and lots of software that pulls metadata from the internet that could cause an error in the parser.