this post was submitted on 19 Jul 2024
524 points (99.4% liked)

Technology

58303 readers
54 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 70 points 3 months ago (3 children)

And don't have automatic updates enabled for critical infrastructure.

[–] [email protected] 21 points 3 months ago (1 children)

So true, this really highlights the risk of updates impacting critical systems vs critical systems being exposed to critical vulnerabilities. Its a real balancing act.

[–] [email protected] 1 points 3 months ago

It actually highlights the risk of having unaudited third party software running on your critical infrastructure

[–] [email protected] 13 points 3 months ago

I don't know exactly how crowd strike works, but this sounded like a "virus signatures" update (IE not a software update per se). And thats what caused the issue.

I think "real time virus protection" is why people use it so they expect the signatures to get updated asap/with little to no human intervention.

This is a crowd strike epic fail...for how they let their software blue screen systems with a virus signature update.