What’s incredible is that they think each country has failed to setup a functional government with no loopholes*. Like, I could see maybe if there was one special case where someone discovered massive cheat codes in one country. But all of them?
Got hit with this in the middle of work. We only have one customer using CrowdStrike, and only staff PCs, no infrastructure. But this one is REAL bad, caused by turning your PC on, and cannot be patched - each affected PC needs to be manually fixed. Would not be surprised to see Linux usage go up after this.
More likely people switch from Crowdstrike to another security/audit software provider. And not to put too fine a point on it, but Microsoft will probably sweep up a lot of fleeing Crowdstrike customers with their Sentinel products.
They are suffering from fallout because of media outlets like the one linked in this post that point the finger at Microsoft and Windows, but I feel this isn’t really fair.
If the kernel module Crowdstrike uses for Linux systems had failed everybody would rightfully point the finger at them for screwing up. But it probably wouldn’t be news since their Linux solutions aren’t as widespread as their Windows solutions are.
If a Windows update would have caused this kind of thing, pointing the finger at Microsoft is justified. But Microsoft has many policies in place that prevent this kind of thing from happening. Their ring based rollout for Windows Updates pretty much exclude this kind of thing from happening.
Honest question, since I’ve been seeing these sorts of anecdotes all over the Internet: why the fuck didn’t your IT group catch this with a simple patch management process?
Updates for CrowdStike are pushed out automatically outside of any OS patching.
You can setup n-1/n-2 version policies to keep your production agent versions behind pre-prod, but other posts have mentioned that it got pushed out to all versions at once. Like a signature update vs an agent update that follows the policies.
lemmy.world
Active