Cybersecurity firm Crowdstrike pushed an update that caused millions of Windows computers to enter recovery mode, triggering the blue screen of death. Learn …

    • General_Shenanigans@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      4 months ago

      This happened because a file that CrowdStrike pushed out, which by their own processes is not one that is signed, was immediately pushed out with one of their updates. This update was pushed directly through CrowdStrike’s own method, not via Windows Update. CrowdStrike maintains this capability in order to quickly respond to and prevent security threats. The fact that they have .sys files that aren’t signed is crazy on its own, and a huge screwup by CrowdStrike. So many companies relied upon and trusted this company because up until now, everybody considered it a great product, so it was extremely popular and prevalent. It’s been a huge wake up call for everybody in I.T.

      • MetaCubed@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        4 months ago

        I’m not sure if you intended to reply to me, but I am aware of this. Thanks for checking my understanding though :)

    • Treczoks@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      16
      ·
      4 months ago

      In a way, it was. If Windows was not as crappy as it is, external solutions would not be needed.

      • stephen01king@lemmy.zip
        link
        fedilink
        English
        arrow-up
        5
        ·
        4 months ago

        Linux machines also require Crowdstrike because of business requirements. That does mean Linux is just as crap as Windows then?

          • stephen01king@lemmy.zip
            link
            fedilink
            English
            arrow-up
            1
            ·
            4 months ago

            Probably the latter. Though, I’m not familiar enough with cybersecurity to make a comment on that.

          • MetaCubed@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            4 months ago

            Not to jump at you in another comment thread, but any OS that is deployed in a business environment should have some form of endpoint protection installed unless it is fully airgapped + isolated.

            Despite the myth that “Linux doesn’t get malware”, it absolutely does and should have protection installed. Even if the OS itself was immune to infection, any possible update can introduce a vulnerability to that.

            Additionally, again, even if the OS (or kernel in the case of linux) couldn’t be infected or attacked, the packages or services installed can be attacked, infected, or otherwise messed with and should be protected.

      • MetaCubed@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        4 months ago

        Is your point “Linux and Mac dont get viruses or targeted for cyberattacks”?

        Or is it “This wouldn’t have broken on a different operating system”?

        • Treczoks@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          arrow-down
          1
          ·
          4 months ago

          No to both. Windows is so broken, it needs kernel-level external software to protect it from attacks that should not be possible in the first place. It is a joke of history that this software was even worse than windows itself.

          • MetaCubed@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            4 months ago

            I see you’re operating on a plane of reality where windows is the only bad software, so it’s kinda pointless for me to continue here. I hope you have a wonderful day.

            • Treczoks@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              ·
              4 months ago

              Windows is definitely not the only bad software, but for the amount of resources they could spend on quality, it is a rather shitty product. They could do better, but they don’t want to.

    • werefreeatlast@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      23
      ·
      4 months ago

      I don’t hear about billions of Linux or Mac computers going down all at the same time. I’m hearing that windows allows a simple text file change to bring down all of them at the same time.

        • Entropywins@lemmy.world
          link
          fedilink
          English
          arrow-up
          9
          ·
          4 months ago

          They are most likely uninformed with a very strong opinion based on how they feel…while I’d like to call them a moron I’ve done this exact thing and like to think I’m not a moron.

        • werefreeatlast@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          1
          ·
          4 months ago

          Even if you write assembly code straight out like a total hacker, it’s still a text file. Literally jump 0x12345 is text. And if it’s just a few kilobits long, then it’s a simple text file yes. Got anything else to ad? Specially if the file actually doesn’t work and the system made to run it “windows” is such shit that every copy of it got halted.

          • MetaCubed@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            4 months ago

            Yes and at the end of the day it’s all just binary getting dumped into a cache and processed by the CPU. The point is that the intent of the file matters and while they do both hold text, the intent, purpose, and handling of the kernel mode/ring 0 driver is much different than a “simple text file”

            So different in fact, that as another user pointed out, it has happened to Linux too