• @[email protected]
    link
    fedilink
    English
    23
    edit-2
    5 months ago

    The real fuck up is that Crowdstrike Falcon can auto update through its own updater, and doesn’t have any kind of control panel for management that could be used for change control. If their customers could have tested this update first, none of this would be happening.

    • Pennomi
      link
      English
      175 months ago

      Or if they were smart enough to do a phased rollout to a small percentage of users before deploying worldwide. That catches most issues quickly.

      • Justin
        link
        fedilink
        English
        55 months ago

        Or if Microsoft reviewed drivers before signing them.

        • KmlSlmk64
          link
          English
          45 months ago

          I think they do (or at least I’ve seen it mentioned), but this wa apparently caused a by a bad configuration fil for that driver. (A 40-something kB file pf pure zeroes)

    • @quinkin
      link
      English
      45 months ago

      Yep. A lot of customers were running n-1 or even n-2 of their falcon sensor release to mitigate risk. Doesn’t count for shit though if the “deployed content” bypasses all of that.

    • sunnie
      link
      fedilink
      English
      2
      edit-2
      5 months ago

      an antivirus-like software is something you want auto updates for in my opinion