ThreatLocker CEO Danny Jenkins said it appears that the CrowdStrike update was not staggered because it was not a full software patch, which would have been released in stages.
Instead, Jenkins said, this was an update to CrowdStrike Falcon likely targeted at protecting customers against newly discovered cyberthreats, which is a frequent type of update for an endpoint security tool.
To keep customers protected, CrowdStrike “wants to push those threat updates instantly, to as many people as possible,” he said. ... Hammond noted that as part of keeping up with hackers, many cybersecurity vendors have adopted similar practices around automated updating. Access to the Windows kernel—which has been implicated in the Microsoft outage—has also been considered crucial in order to provide strong security, he said.
The conglomeration of factors that made the outage possible is really “the nature of the beast” in terms of today’s cybersecurity practices, Hammond said.
Date: 2024-07-21 04:18 am (UTC)
Based on these pages (https://www.crowdstrike.com/blog/statement-on-falcon-content-update-for-windows-hosts/ and https://www.crowdstrike.com/blog/falcon-update-for-windows-hosts-technical-details/), CrowdStrike pushed the bad update out at 12:09am Eastern U.S. time (0409 UTC), and pushed the fixed version out already at 1:27am (0527 UTC), and the problem only affected computers that were online during that 1.5 hour period.
I did not encounter a problem on Friday, though several of my colleagues (including ones in India) did. I may have just missed it; as per my notes, I finished my work up at 12:10am and must have put my laptop to sleep right around then.