I guess it's fortunate that the state dept. I work for is paranoid enough we're always a few Windows versions behind, and they test updates for months before pushing them out.

I heard one of the few airlines not having problems was Southwest, because they're still using an ancient version of Windows, which has caused them problems other times, but saved them this time.

no matter how bad things get at least im not the guy that pushed the crowdstrike update that bluescreened all windows computers and grounded every flight worldwide. what a week

idk if people on tumblr know about this but a cybersecurity software called crowdstrike just did what is probably the single biggest fuck up in any sector in the past 10 years. it's monumentally bad. literally the most horror-inducing nightmare scenario for a tech company.

some info, crowdstrike is essentially an antivirus software for enterprises. which means normal laypeople cant really get it, they're for businesses and organisations and important stuff.

so, on a friday evening (it of course wasnt friday everywhere but it was friday evening in oceania which is where it first started causing damage due to europe and na being asleep), crowdstrike pushed out an update to their windows users that caused a bug.

before i get into what the bug is, know that friday evening is the worst possible time to do this because people are going home. the weekend is starting. offices dont have people in them. this is just one of many perfectly placed failures in the rube goldburg machine of crowdstrike. there's a reason friday is called 'dont push to live friday' or more to the point 'dont fuck it up friday'

so, at 3pm at friday, an update comes rolling into crowdstrike users which is automatically implemented. this update immediately causes the computer to blue screen of death. very very bad. but it's not simply a 'you need to restart' crash, because the computer then gets stuck into a boot loop.

this is the worst possible thing because, in a boot loop state, a computer is never really able to get to a point where it can do anything. like download a fix. so there is nothing crowdstrike can do to remedy this death update anymore. it is now left to the end users.

it was pretty quickly identified what the problem was. you had to boot it in safe mode, and a very small file needed to be deleted. or you could just rename crowdstrike to something else so windows never attempts to use it.

it's a fairly easy fix in the grand scheme of things, but the issue is that it is effecting enterprises. which can have a looooot of computers. in many different locations. so an IT person would need to manually fix hundreds of computers, sometimes in whole other cities and perhaps even other countries if theyre big enough.

another fuck up crowdstrike did was they did not stagger the update, so they could catch any mistakes before they wrecked havoc. (and also how how HOW do you not catch this before deploying it. this isn't a code oopsie this is a complete failure of quality ensurance that probably permeates the whole company to not realise their update was an instant kill). they rolled it out to everyone of their clients in the world at the same time.

and this seems pretty hilarious on the surface. i was havin a good chuckle as eftpos went down in the store i was working at, chaos was definitely ensuring lmao. im in aus, and banking was literally down nationwide.

but then you start hearing about the entire country's planes being grounded because the airport's computers are bricked. and hospitals having no computers anymore. emergency call centres crashing. and you realised that, wow. crowdstrike just killed people probably. this is literally the worst thing possible for a company like this to do.

crowdstrike was kinda on the come up too, they were starting to become a big name in the tech world as a new face. but that has definitely vanished now. to fuck up at this many places, is almost extremely impressive. its hard to even think of a comparable fuckup.

a friday evening simultaneous rollout boot loop is a phrase that haunts IT people in their darkest hours. it's the monster that drags people down into the swamp. it's the big bag in the horror movie. it's the end of the road. and for crowdstrike, that reaper of souls just knocked on their doorstep.

Well,we did end up getting our bug of 2000 after all

With 24 years of delay

I am happy to say that I am unaffected by today's Windows outage as I don't use Crowdstrike.

However, it is unfortunate that so many businesses are facing outages worldwide. Whoever pushed this update is probably gonna be fired.

At this point, after this has happened a dozen times, why the hell is anyone pushing any update that wide that fast. They didn't try 10 nearby computers first? Didn't do zone by zone? Someone needs to be turbo fired for this and a law needs to get written.

The "this has happened a dozen times" really isn't correct. This one is unprecedented.

But yes the "how the hell could it go THAT bad?" is the thing everyone with even a little software experience is spinning over. Because it is very easy to write code with a bug. But that's why you test aggressively, and you roll out cautiously - with MORE aggressive testing and MORE cautious rollout the more widely-impacting your rollout would be.

And this is from my perspective in product software, where my most catastrophic failure could break a product, not global systems.

Anti-malware products like Crowdstrike are highly-privileged, as in they have elevated trust and access to parts of the system that most programs wouldn't usually have - which is something that makes extremely thorough smoke-testing of the product way MORE important than anything I've ever touched. It has kernel access. This kind of thing needs testing out the wazoo.

I can mostly understand the errors that crop up where like, an extremely old machine on an extremely esoteric operating system gets bricked because the test radius didn't include that kind of configuration. But all of Windows?

All of Windows, with a mass rollout to all production users, including governments?

There had to be layers upon layers of failures here. Especially given how huge Crowdstrike is. And I really want to know what their post-mortem analysis ends up being because for right now I cannot fathom how you end up with an oversight this large.

Now you see, if we were a serious civilization, we would learn from the Crowdstrike/Windows IT outage and realize that a society where one program having a bug can shut down the whole world is stupid. And we would probably move to decentralize, and try to be self-sufficient, so that food getting on our table is not wholly dependent on any single service.

But that's a very big if.

CrowdStrike Preliminary Incident Review

CrowdStrike released an explanation for what, exactly, happened that sent the world crashing down. Most of it is completely unnecessary background data, but this is the relevant passage:

What Happened on July 19, 2024? On July 19, 2024, two additional IPC Template Instances were deployed. Due to a bug in the Content Validator, one of the two Template Instances passed validation despite containing problematic content data.

(We released two updates on this date. They were checked with a program. There was a problem with the program, which said they were fine, even though one of them was not.)

Based on the testing performed before the initial deployment of the Template Type (on March 05, 2024), trust in the checks performed in the Content Validator, and previous successful IPC Template Instance deployments, these instances were deployed into production.

(We thought it would be fine because we tested the old stuff before, and we trusted our program.)

When received by the sensor and loaded into the Content Interpreter, problematic content in Channel File 291 resulted in an out-of-bounds memory read triggering an exception. This unexpected exception could not be gracefully handled, resulting in a Windows operating system crash (BSOD).

(It was not fine.)

Basically, they used a program to validate the updates they were sending out, and the program said the updates would work, so they sent it out. They did not actually try it on a computer to see if it would work before deploying it to every active computer on their network, thus sending all of them into an unrecoverable crash.

Wow.

Tumblr Wrapped 2024:

But specifically just the things that I remember seeing a lot of on my dash and remembered to note down

December 2023:

galve goat destroyed by being eaten by birds

frozen bug man asking to borrow an outlet is a potentially fraudulent misogynist

January 2024:

Chicago rat hole

King Charles gets cancer

hellsitegenetics

February 2024:

1 day blinding stew

Car covered with hammers that explodes repeatedly (pregesterone gets her blog nuked and the tumblr CEO looses it)

Fairy vs. Walrus debate.

Terrible AI Willy Wonka experience in Glasgow featuring the Unknown.

Tumblr officially announces that they have a deal to train AI off of tumblr.

March 2024

Princess Kate weird photoshopped picture makes people speculate that she’s dead

Challenge to beat every single level in Super Mario Maker 1 reaches a crunch point due to Nintendo shutting the servers down in April

April 2024

Whatever the heck is going on with Boeing’s planes all falling apart and also their whistleblower dying under somewhat suspicious circumstances

Boop (April fools)

Francis Scott Key bridge in Baltimore got hit by a boat)

Visitpilled friendmaxxer

Pro Palestine divestment encampments and protests at universities across the US. Notably violent at Columbia university.

Bee guy saves the baseball game!

May 2024

- white people rap discourse

June 2024

general trump getting elected fear and posts telling everyone to fuckung vote for Biden because trump is only going to be worse, combined with GB election fears

Toyota Hilux

the presidential debate 🙃

July 2024

the French 👏go👏to👏the👏polls👏

Trump gets shot at a rally (only in the ear sadly)

CrowdStrike lives up to their name and strikes out a large crowd of Windows computers.

Biden drops out of the presidential race, citing old age.

JD Vance Couchfucking saga

I’m not calling you “good boy” ____, you ____!

Special section: Olympics!

Conservative Christians in the USA boycotting watching it because the opening ceremony had a recreation of the last supper/some dyanasious painting with drag

The USA men’s gymnast who only does one event and spends the rest of his time chilling and doing rubix cubes before stepping up, taking off his glasses, and absolutely destroying in the pommel horse

The Norwegian swimmer hoarding all the choccy muffins.

The shooting finals including the person who stands like a Jojo character, the woman who’s stanced and was giving people bi panic, and the 52 year old divorced dad in a t-shirt that won second.

The bus taking the skateboarders to their competition broke down so they all just skateboarded there instead

Imane Khelif, a cis woman boxer, is accused of being trans by JK Rowling because she looks too masculine

Breakdance will not return as an Olympic event because Australia was really bad at it.

August 2024

Colorado puppy adoption event rabies risk

Animation union yaoi

The triangle maker meme

Gravity falls trends due to book of bill release. Mostly with old man and triangle yaoi and jokes about how Ford doesn’t know about 9/11

World hatsune mikus

September 2024

Twitter gets banned in Brazil

First presidential debate: They’re doing transgender surgeries on illegal aliens who are in prison

Another trump assassination attempt but no one really cares than much about it

Moo Deng the baby hippo

Nefarious anglerfish meme evolves into the humble ____ meme

October 2024

people flipping the Wednesday doll’s hair back so they look bald

Why is this ____ serving Saddam Hussein hiding spot

Hawk tuah

Boop round 2 spooky edition

November 2024

US elections.

Dread immedietly following the us elections, including lots of people posting suicide hotlines.

The what is the most fuckable Tetris piece poll

The Onion buys InfoWars.

Crowdstrike did an oopsie that has effected every windows system their software was installed on, making it BSOD. The current fix for it requires booting to safe mode and deleting a specific file that will remove the updated software, which will then be replaced with the new one on next startup. Many things are going to be down today, and don't expect to be able to fly for a bit, as most airline companies are effected by the bug as well. Sources:

https://www.wired.com/story/microsoft-windows-outage-crowdstrike-global-it-probems/

CrowdStruck

By Edward Zitron • 19 Jul 2024 View in browser

Soundtrack: EL-P - Tasmanian Pain Coaster (feat. Omar Rodriguez-Lopez & Cedric Bixler-Zavala)

When I first began writing this newsletter, I didn't really have a goal, or a "theme," or anything that could neatly characterize what I was going to write about other than that I was on the computer and that I was typing words.

As it grew, I wrote the Rot Economy, and the Shareholder Supremacy, and many other pieces that speak to a larger problem in the tech industry — a complete misalignment in the incentives of most of the major tech companies, which have become less about building new technologies and selling them to people and more about capturing monopolies and gearing organizations to extract things through them.

Every problem you see is a result of a tech industry — from the people funding the earliest startups to the trillion-dollar juggernauts that dominate our lives — that is no longer focused on the creation of technology with a purpose, and organizations driven toward a purpose. Everything is about expressing growth, about showing how you will dominate an industry rather than serve it, about providing metrics that speak to the paradoxical notion that you'll grow forever without any consideration of how you'll live forever. Legacies are now subordinate to monopolies, current customers are subordinate to new customers, and "products" are considered a means to introduce a customer to a form of parasite designed to punish the user for even considering moving to competitor.

What's happened today with Crowdstrike is completely unprecedented (and I'll get to why shortly), and on the scale of the much-feared Y2K bug that threatened to ground the entirety of the world's computer-based infrastructure once the Year 2000 began.

You'll note that I didn't write "over-hyped" or anything dismissive of Y2K's scale, because Y2K was a huge, society-threatening calamity waiting to happen, and said calamity was averted through a remarkable, $500 billion industrial effort that took a decade to manifest because the seriousness of such a significant single point of failure would have likely crippled governments, banks and airlines. 

People laughed when nothing happened on January 1 2000, assuming that all that money and time had been wasted, rather than being grateful that an infrastructural weakness was taken seriously, that a single point of failure was identified, and that a crisis was averted by investing in stopping bad stuff happening before it does.

As we speak, millions — or even hundreds of millions — of different Windows-based computers are now stuck in a doom-loop, repeatedly showing users the famed "Blue Screen of Death" thanks to a single point of failure in a company called Crowdstrike, the developer of a globally-adopted cyber-security product designed, ironically, to prevent the kinds of disruption that we’ve witnessed today. And for reasons we’ll get to shortly, this nightmare is going to drag on for several days (if not weeks) to come.

The product — called Crowdstrike Falcon Sensor — is an EDR system (which stands for Endpoint Detection and Response). If you aren’t a security professional and your eyes have glazed over, I’ll keep this brief. An EDR system is designed to identify hacking attempts, remediate them, and prevent them. They’re big, sophisticated, and complicated products, and they do a lot of things that’s hard to build with the standard tools available to Windows developers.

And so, to make Falcon Sensor work, Crowdstrike had to build its own kernel driver. Now, kernel drivers operate at the lowest level of the computer. They have the highest possible permissions, but they operate with the fewest amount of guardrails. If you’ve ever built your own computer — or you remember what computers were like in the dark days of Windows 98 — you know that a single faulty kernel driver can wreak havoc on the stability of your system. 

The problem here is that Crowdstrike pushed out an evidently broken kernel driver that locked whatever system that installed it in a permanent boot loop. The system would start loading Windows, encounter a fatal error, and reboot. And reboot. Again and again. It, in essence, rendered those machines useless. 

It's convenient to blame Crowdstrike here, and perhaps that's fair. This should not have happened. On a basic level, whenever you write (or update) a kernel driver, you need to know it’s actually robust and won’t shit the bed immediately. Regrettably, Crowdstrike seemingly borrowed Boeing’s approach to quality control, except instead of building planes where the doors fly off at the most inopportune times (specifically, when you’re cruising at 35,000ft), it released a piece of software that blew up the transportation and banking sectors, to name just a few.  

It created a global IT outage that has grounded flights and broken banking services. It took down the BBC’s flagship kids TV channel, infuriating parents across the British Isles, as well as Sky News, which, when it was able to resume live broadcasts, was forced to do so without graphics. In essence, it was forced back to the 1950s — giving it an aesthetic that matches the politics of its owner, Rupert Murdoch. By no means is this an exhaustive list of those affected, either. 

The scale and disruption caused by this incident is unlike anything we’ve ever seen before. Previous incidents — particularly rival ransomware outbreaks, like Wannacry — simply can’t compare to this, especially when we’re looking at the disruption and the sheer scale of the problem. 

Still, if your day was ruined by this outage, at least spare a thought for those who’ll have to actually fix it. Because those machines affected are now locked in a perpetual boot loop, it’s not like Crowdstrike can release a software patch and call it a day. Undoing this update requires some users to have to individually go to each computer, loading up safe mode (a limited version of Windows with most non-essential software and drivers disabled), and manually removing the faulty code. And if you’ve encrypted your computer, that process gets a lot harder. Servers running on cloud services like Amazon Web Services and Microsoft Azure — you know, the way most of the internet's infrastructure works — require an entirely separate series of actions.

If you’re on a small IT team and you’re supporting hundreds of workstations across several far-flung locations — which isn’t unusual, especially in sectors like retail and social care — you’re especially fucked. Say goodbye to your weekend. Your evenings. Say goodbye to your spouse and kids. You won’t be seeing them for a while. Your life will be driving from site to site, applying the fix and moving on. Forget about sleeping in your own bed, or eating a meal that wasn’t bought from a fast food restaurant. Good luck, godspeed, and God bless. I do not envy you. 

The significance of this failure — which isn't a breach, by the way, and in many respects is far worse, at least in the disruption caused — is not in its damage to individual users, but to the amount of technical infrastructure that runs on Windows, and that so much of our global infrastructure relies on automated enterprise software that, when it goes wrong, breaks everything. 

It isn't about the number of computers, but the amount of them that underpin things like the security checkpoints or systems that run airlines, or at banks, or hospitals, all running as much automated software as possible so that costs can be kept down.

The problem here is systemic — that there is a company that the majority of people affected by this outage had no idea existed until today that Microsoft trusted to the extent that they were able to push an update that broke the back of a huge chunk of the world's digital infrastructure. 

Microsoft, as a company, instead of building the kind of rigorous security protocols that would, say, rigorously test something that connects to what seems to be a huge proportion of Windows computers. Microsoft, in particular, really screwed up here. As pointed out by Wired, the company vets and cryptographically signs all kernel drivers — which is sensible and good, because kernel drivers have an incredible amount of access, and thus can be used to inflict serious harm — with this testing process usually taking several weeks. 

How then did this slip through its fingers? For this to have happened, two companies needed to screw up epically. And boy, they did. 

What we're seeing today isn't just a major fuckup, but the first of what will be many systematic failures — some small, some potentially larger — that are the natural byproduct of the growth-at-all-costs ecosystem where any attempt to save money by outsourcing major systems is one that simply must be taken to please the shareholder.

The problem with the digitization of society — or, more specifically, the automation of once-manual tasks — is that it introduces a single point of failure. Or, rather, multiple single points of failure. Our world, our lifestyle and our economy, is dependent on automation and computerization, with these systems, in turn, dependent on other systems to work. And if one of those systems breaks, the effects ricochet outwards, like ripples when you cast a rock into a lake. 

Today’s Crowdstrike cock-up is just the latest example of this, but it isn’t the only one. Remember the SolarWinds hack in 2020, when Russian state-linked hackers gained access to an estimated 18,000 companies and public sector organizations — including NATO, the European Parliament, the US Treasury Department, and the UK’s National Health Service — by compromising just one service — SolarWinds Orion? 

Remember when Okta — a company that makes software that handles authentication for a bunch of websites, governments, and businesses — got hacked in 2023, and then lied about the scale of the breach? And then do you remember how those hackers leapfrogged from Okta to a bunch of other companies, most notably Cloudflare, which provides CDN and DDOS protection services for pretty much the entire internet?

That whole John Donne quote — “No man is an island” — is especially true when we’re talking about tech, because when you scratch beneath the surface, every system that looks like it’s independent is actually heavily, heavily dependent on services and software provided by a very small number of companies, many of whom are not particularly good.     

This is as much a cultural failing as it is a technological one, the result of management geared toward value extraction — building systems that build monopolies by attaching themselves to other monopolies. Crowdstrike went public in 2019, and immediately popped on its first day of trading thanks to Wall Street's appreciation of Crowdstrike moving away from a focused approach to serving large enterprise clients, building products for small and medium-sized businesses by selling through channel partners — in effect outsourcing both product sales and the relationship with a client that would tailor a business' solution to a particular need.

Crowdstrike's culture also appears to fucking suck. A recent Glassdoor entry referred to Crowdstrike as "great tech [with] terrible culture" with no work life balance, with "leadership that does not care about employee well being." Another from June claimed that Crowdstrike was "changing culture for the street,” with KPIs (as in metrics related to your “success” at the company) “driving behavior more than building relationships” with a serious lack of experience in the public sector in senior management. Others complain of micromanagement, with one claiming that “management is the biggest issue,” with managers “ask[ing] way too much of you…and it doesn’t matter if you do what they ask since they’re not even around to check on you,” and another saying that “management are arrogant” and need to “stop lying to the market on product capability.”

While I can’t say for sure, I’d imagine an organization with such powerful signs of growth-at-all-costs thinking — a place where you “have to get used to the pressure” that’s a “clique that you’re not in”  — likely isn’t giving its quality assurance teams the time and space to make sure that there aren’t any Kaiju-level security threats baked into an update. And that assumes it actually has a significant QA team in-house, and hasn’t just (as with many companies) outsourced the work to a “bodyshop” like Wipro or Infosys or Tata. 

And don’t think I’m letting Microsoft off the hook, either. Assuming the kernel driver testing roles are still being done in-house, do you think that these testers — who have likely seen their friends laid off at a time when the company was highly profitable, and denied raises when their well-fed CEO took home hundreds of millions of dollars for doing a job he’s eminenly bad at — are motivated to do their best work? 

And this is the culture that’s poisoned almost the entirety of Silicon Valley. What we’re seeing is the societal cost of moving fast and breaking things, of Marc Andreessen considering “risk management the enemy,” of hiring and firing tens of thousands of people to please Wall Street, of seeking as many possible ways to make as much money as possible to show shareholders that you’ll grow, even if doing so means growing at a pace that makes it impossible to sustain organizational and cultural stability. When you aren’t intentional in the people you hire, the people you fire, the things you build and the way that they’re deployed, you’re going to lose the people that understand the problems they’re solving, and thus lack the organizational ability to understand the ways that they might be solved in the future. 

This is dangerous, and also a dark warning for the future. Do you think that Facebook, or Microsoft, or Google — all of whom have laid off over 10,000 people in the last year — have done so in a conscientious way that means that the people left understand how their systems run and their inherent issues? Do you think that the management-types obsessed with the unsustainable AI boom are investing heavily in making sure their organizations are rigorously protected against, say, one bad line of code? Do they even know who wrote the code of their current systems? Is that person still there? If not, is that person at least contracted to make sure that something nuanced about the system in question isn’t mistakenly removed? 

They’re not. They’re not there anymore. Only a few months ago Google laid off 200 employees from the core of its organization, outsourcing their roles to Mexico and India in a cost-cutting measure the quarter after the company made over $23 billion in profit. Silicon Valley — and big tech writ large — is not built to protect against situations like the one we’re seeing today,because their culture is cancerous. It valuesrowth at all costs, with no respect for the human capital that empowers organizations or the value of building rigorous, quality-focused products.

This is just the beginning. Big tech is in the throes of perdition, teetering over the edge of the abyss, finally paying the harsh cost of building systems as fast as possible. This isn’t simply moving fast or breaking things, but doing so without any regard for the speed at which you’re doing so and firing the people that broke them, the people who know what’s broken, and possibly the people that know how to fix them.

And it’s not just tech! Boeing — a company I’ve already shat on in this post, and one I’ll likely return to in future newsletters, largely because it exemplifies the short-sightedness of today’s managerial class — has, over the past 20 years or so, span off huge parts of the company (parts that, at one point, were vitally important) into separate companies, laid off thousands of employees at a time, and outsourced software dev work to $9-an-hour bodyshop engineers. It hollowed itself out until there was nothing left. 

And tell me, knowing what you know about Boeing today, would you rather get into a 737 Max or an Airbus A320neo? Enough said. 

As these organizations push their engineers harder, said engineers will turn to AI-generated code, poisoning codebases with insecure and buggy code as companies shed staff to keep up with Wall Street’s demands in ways that I’m not sure people are capable of understanding. The companies that run the critical parts of our digital lives do not invest in maintenance or infrastructure with the intentionality that’s required to prevent the kinds of massive systemic failures you see today, and I need you all to be ready for this to happen again.

This is the cost of the Rot Economy — systems used by billions of people held up by flimsy cultures and brittle infrastructure maintained with the diligence of an absentee parent. This is the cost of arrogance, of rewarding managerial malpractice, of promoting speed over safety and profit over people. 

Every single major tech organization should see today as a wakeup call — a time to reevaluate the fundamental infrastructure behind every single tech stack. 

What I fear is that they’ll simply see it as someone else’s problem - which is exactly how we got here in the first place. 

Before I even try touching my computer today, anyone know if the crowdstrike bug is affecting personal computers? Or is it just enterprises and companies being hit? My (windows) laptop was working fine all through yesterday and last night, but I'm paranoid as all hell and I really don't want Another computer getting bricked right now.

Just woke up, and apparently a bad Windows update broke the world?

I know you can never make 100% sure an update won't have bugs, but goddamn. You'd think that if hospitals and airports around the fucking world were gonna be installing this update, Microsoft would make damn sure it was ready to go before they sent it out.

edit: oh ok it wasn't microsoft specifically, but crowdstrike. so crowdstrike should've made damn sure the update was ready to go before they sent it out. regardless, somebody's probably gonna lose their job over this one.

Microsoft Global Outage Crowdstrike Bug Shocks Users

Microsoft Global Outage: विशेष रूप से Windows 10, इस समय गंभीर समस्या का स��मना कर रहा है, जिसे Microsoft के शब्दों में Blue Screen of Death (BSOD) कहा जाता है। दुनिया भर में कई ऑफिस और एयरलाइंस अपने कंप्यूटर सिस्टम के Windows 10 क्रैश हो जाने के कारण कार्यप्रवाह में समस्याओं का सामना कर रहे हैं और अब वे नीले स्क्रीन के साथ एक संदेश दिखा रहे हैं, “Windows did not load correctly.” हालांकि Blue…

Microsoft Învinuiește UE pentru Ecranul Albastru al Morții cauzat de Bug-ul Antivirus CrowdStrike

Potrivit unui purtător de cuvânt al Microsoft, legislația Uniunii Europene (UE) a jucat un rol semnificativ în cea mai mare defecțiune IT din istoria modernă, care a blocat milioane de PC-uri Windows cu infamul ecran albastru al morții (BSOD). Aceasta a apărut după o actualizare defectuoasă a software-ului antivirus furnizat de partenerul CrowdStrike. Într-un interviu pentru The Wall Street…

Microsoft vuole togliere l'accesso al kernel ai fornitori di sicurezza

Due mesi dopo il famoso bug Crowdstrike che causò il guasto di oltre 8,5 milioni di PC Windows in tutto il mondo, Microsoft ha appena presentato il suo piano per evitare che questa situazione si ripeta. Da anni Microsoft è abituata ad autorizzare queste aziende a intervenire fino al cuore del sistema operativo, in particolare per garantire un alto livello di protezione. Tuttavia, l’incidente di…