How One Bad CrowdStrike Update Crashed the World’s Computers
A defective CrowdStrike update sent computers around the globe into a reboot spiral, taking down air travel, hospitals, banks, and more with it. In their article for WIRED, Lily Hay Newman, Matt Burgess and Andy Greenberg explain how this became possible. According to CrowdStrike, the root cause of the crash was a single configuration file pushed as an update to Falcon. The update was aimed at changing how Falcon inspects “named pipes” in Windows, a feature that allows software to send data between processes on the same machine or with other computers on the local network. CrowdStrike says the configuration file update was meant to allow Falcon to catch a new method that hackers were using for communication between their malware on victim machines and command-and-control servers. CrowdStrike has just shown why pushing updates without IT intervention is unsustainable.
https://www.wired.com