Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
CrowdStrike Says Global IT Outage Impacting Windows PCs, But Mac and Linux Hosts Not Affected
- Thread starter MacRumors
- Start date
- Sort by reaction score
Some responsibility by design perhaps, but no blame for this event. But more, definitely not. Microsoft has nothing to do with applying the controls within Crowdstrike to prevent bad releases like this. That is all on Crowdstrike
No third-party software update should *ever* be able to bring down an entire OS. This is a shockingly fundamental flaw.
So tomorrow, the world will be asking CrowdStrike how they can make the enterprise computing systems around the world safe from a similar occurrence going forward? No. The questions all go to Microsoft.
Yet low level access by cybersecurity software always has the possibility of incompatibility with MS patches. They can’t foresee their software acting improperly with operating systems underlying changes. Patches need to be delayed long enough to test for compatibility issues, not patched as soon as they get it for an enterprise environment.
What I find insane is the number of backend systems running Windows when something like Linux would be better suited. Not entirely a Mac vs PC thing but a world where companies use Windows instead of working on better solutions.
But the most important thing is middle management risk. If a manager's department screws up, the manager is blamed. If the outsource company screws up the outsource company is blamed. When in fact the manager probably did not do their due diligence. Outsourcing is all about management risk avoidance.
this is bad design, third party software shouldn't affect booting.
OS should be designed in such a way that it will be boot in any scenario unless the HDD is corrupt.
OS should be designed in such a way that it will be boot in any scenario unless the HDD is corrupt.
Fully agree. Not sure how CrowdStrike integrates with Windows but I find it absolutely insane it could do something like this. Tells me that an attacker could exploit this for a massive-scale DoS attack.
i don't think they save money by moving to cloud, they just move money from one budget/org to another.
most of it is gimmicks.
Part of the reason is that Windows shares a lot of its code base with previous generations of Windows. As a Forbes article said:
"Windows 11, like all Microsoft operating systems, will be the 'most secure' ever made, just like Windows 10 was and before that Windows 7," Thornton-Trump says. "But Windows 11 will be proven to be vulnerable just like Windows 10 and Windows 7," he concludes, "as Windows 11 shares a lot of the codebase (and even previous versions) with its parent OS's so it will get attacked and will most likely be exploited."
Thats suggestive of MS offering a OS that isn't like that. Well guess we have to wait and see how 12 works out.
Windows allowed Crowdstrike to take control of Windows booting process.
Crowdstrike messed up but windows should get the blame too.
I mean it’s literally an antivirus app. You don’t need one for the Mac. But you certainly do for windows. Just saying
Then be ready to always leave attack vectors. Every decision is a compromise. Leaving the backdoor open to vulnerabilities is worse in my opinion, and would have a higher likelyhood as a risk than what happened today to customers from Crowdstrike.
I’m sure the EU will find a way to spin it into an anti monopoly fine for Apple.
Then an attacker needs to get in the supply chain. Which is possible and has happened before with application level software. But if corporate endpoint devices are that open that anyone can install software. Well they deserve what they’ve got coming, and are in the EU subjected to a fine or worse.
But eitherway, even if that happens that would not be a DoS attack. That is something entirely different.
Microsoft would say to switch to Microsoft Defender for endpoint combined with purview for DLP, and sell you more Azure services
I don’t think the openness and allowing intervention of such third party solutions is an issue. There are companies who are very good at this and provide solutions and signatures that go way beyond what you can get from Microsoft. What seems to be the issue here is a breakdown of controls at an trusted organisation. That could happen at any organisation including Microsoft, Apple, or hardware manufacturers like Dell or HP.
I don't think that security is a good reason for taking risks (or by-passing a process).
I don't believe Apple grants third parties access to the kernel in the way MS did here. Worse here, was MS admitted that they do not review and/or certify the updates. That, to me, is a massive failure on Microsoft's front.
This is an absolutely amazing time to be a tech lawyer.
I think you are reaching that conclusion because you'e already decided the root cause of the issue and the solution.
Alice hires Bob for IT who then buys a computer from Carl running an OS from Dave that was configured by Eliza to run software from Frank. Frank pushes out an update crashing the company so the conclusion is it must be Dave's fault?
Alice needs to start with Bob about the priorities for the business and Bob needs to be able to devise different optoins and communicate trade-offs. Maybe Bob shouldn't buy all his computers from Carl configured exactly the same way even if it saves money?
For example NYPD maintains a fleet of different models of cars from different manufacturers so that they don't risk the whole fleet if there is a flaw or weakness in a model. Not saying that is the solution but rather that there are other solutions and other ways of thinking about the issues.
Of course we could just bypass thinking about the problem and doing root cause analyses and move on as quickly as possible with some kabuki theatre to make people feel better in the meantime. Until it happens again with different details but the same results. On the plus side that will keep the crisis communications teams in business.