this post was submitted on 20 Jul 2024
158 points (97.6% liked)

Technology

1326 readers
285 users here now

Which posts fit here?

Anything that is at least tangentially connected to the technology, social media platforms, informational technologies and tech policy.

Rules

1. English onlyTitle and associated content has to be in English.
2. Use original linkPost URL should be the original link to the article (even if paywalled) and archived copies left in the body. It allows avoiding duplicate posts when cross-posting.
3. Respectful communicationAll communication has to be respectful of differing opinions, viewpoints, and experiences.
4. InclusivityEveryone is welcome here regardless of age, body size, visible or invisible disability, ethnicity, sex characteristics, gender identity and expression, education, socio-economic status, nationality, personal appearance, race, caste, color, religion, or sexual identity and orientation.
5. Ad hominem attacksAny kind of personal attacks are expressly forbidden. If you can't argue your position without attacking a person's character, you already lost the argument.
6. Off-topic tangentsStay on topic. Keep it relevant.
7. Instance rules may applyIf something is not covered by community rules, but are against lemmy.zip instance rules, they will be enforced.

Companion communities

[email protected]
[email protected]

Icon attribution | Banner attribution

founded 11 months ago
MODERATORS
[email protected]
158
CrowdStrike’s faulty update crashed 8.5 million Windows devices, says Microsoft (www.theverge.com)
submitted 3 months ago by [email protected] to c/[email protected]
33 comments fedilink hide all child comments
 

Here are the details about what went wrong on Friday.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 3 points 3 months ago (3 children)

Those computers don't have auto update enabled

[–] [email protected] 2 points 3 months ago (1 children)

CrowdStrike’s channel file updates were pushed to computers regardless of any settings meant to prevent such automatic updates, Wardle noted.

https://x.com/patrickwardle/status/1814367918425079934

[–] [email protected] 1 points 3 months ago

I work at an enterprise software company and have some well known, security conscience customer. The above is only true for us humans, if you have the money, you can dictate whatever the fuck you want.

[–] [email protected] 1 points 3 months ago* (last edited 3 months ago)

Absolutely that. For networks that matter, patches are usually tested independently. While I wouldn't trust the average military command to do patch testing, any civilian/corporate contractors absolutely would, because money. (Microsoft is likely at the top of that stack...)

There are other conditions as well. EDR infrastructure, if it exists, would need to be isolated on a "Government cloud" which is a different beast completely. Plus, there are different levels of networks, some being air-gapped.

[–] [email protected] 1 points 3 months ago

Normally I would agree however this doesn’t appear to be a Microsoft update but a CrowdStrike update. Given that everyone is worried about ransomware etc.