Forum Overview :: American McGee's Honda Civic
 
A former Windows dev gives some technical insight into what happened by Rafiki 07/21/2024, 9:46pm PDT



A user in the comments said this, which, if true, is mind-blowing:

While this is technically what crashed machines it isn't the worst part.

CS Falcon has a way to control the staging of updates across your environment. Businesses who don't want to go out of business have a N-1 or greater staging policy and only test systems get the latest updates immediately. My work for example has a test group at N staging, a small group of noncritical systems at N-1, and the rest of our computers at N-2.

This broken update IGNORED our staging policies and went to ALL machine at the same time. CS informed us after our business was brought down that this is by design and some updates bypass policies.

So in the end, CS caused untold millions of dollars in damages not just because they pushed a bad update, but because they pushed an update that ignored their customers' staging policies which would have prevented this type of widespread damage. Unbelievable.
PREVIOUS NEXT REPLY QUOTE
 
CrowdStrike put mitigation steps behind a login. NT by Gary 07/19/2024, 2:40pm PDT NEW
    I'm pretty glad we decided not to go with them NT by laudablepuss 07/19/2024, 5:06pm PDT NEW
    A former Windows dev gives some technical insight into what happened by Rafiki 07/21/2024, 9:46pm PDT NEW
        Ha, I just saw this video by laudablepuss 07/22/2024, 2:21pm PDT NEW
            Crowdstrike IS basic security. by Mysterio 07/22/2024, 4:43pm PDT NEW
 
powered by pointy