Cybersecurity firm Crowdstrike pushed an update that caused millions of Windows computers to enter recovery mode, triggering the blue screen of death. Learn …

  • Joe@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    8
    arrow-down
    1
    ·
    edit-2
    5 months ago

    It is pretty easy to imagine separate streams of updates that affect each other negatively.

    CrowdStrike does its own 0-day updates, Microsoft does its own 0-day updates. There is probably limited if any testing at that critical intersection.

    If Microsoft 100% controlled the release stream, otoh, there’d be a much better chance to have caught it. The responsibility would probably lie with MS in such a case.

    (edit: not saying that this is what happened, hence the conditionals)

    • Toribor@corndog.social
      link
      fedilink
      English
      arrow-up
      13
      ·
      5 months ago

      I don’t think that is what happened here in this situation though, I think the issue was caused exclusively by a Crowdstrike update but I haven’t read anything official that really breaks this down.

      • barsquid@lemmy.world
        link
        fedilink
        English
        arrow-up
        15
        ·
        5 months ago

        Some comments yesterday were claiming the offending file was several kb of just 0s. All signs are pointing to a massive fuckup from an individual company.

        • Wiz@midwest.social
          link
          fedilink
          English
          arrow-up
          5
          arrow-down
          1
          ·
          5 months ago

          Which makes me wonder, did the company even test it at all on their own machines first?