The real fuck up is that Crowdstrike Falcon can auto update through its own updater, and doesn’t have any kind of control panel for management that could be used for change control. If their customers could have tested this update first, none of this would be happening.
I think they do (or at least I’ve seen it mentioned), but this wa apparently caused a by a bad configuration fil for that driver. (A 40-something kB file pf pure zeroes)
Yep. A lot of customers were running n-1 or even n-2 of their falcon sensor release to mitigate risk. Doesn’t count for shit though if the “deployed content” bypasses all of that.
The real fuck up is that Crowdstrike Falcon can auto update through its own updater, and doesn’t have any kind of control panel for management that could be used for change control. If their customers could have tested this update first, none of this would be happening.
Or if they were smart enough to do a phased rollout to a small percentage of users before deploying worldwide. That catches most issues quickly.
Or if Microsoft reviewed drivers before signing them.
I think they do (or at least I’ve seen it mentioned), but this wa apparently caused a by a bad configuration fil for that driver. (A 40-something kB file pf pure zeroes)
or like, tested the fucking update at all…
Yep. A lot of customers were running n-1 or even n-2 of their falcon sensor release to mitigate risk. Doesn’t count for shit though if the “deployed content” bypasses all of that.
an antivirus-like software is something you want auto updates for in my opinion