Planes grounded as mass worldwide IT outage affects airlines, media and banks

"Microsoft Says 8.5 Million Devices Were Impacted by CrowdStrike's Faulty Update..."

https://www.pcmag.com/news/microsoft-says-85-million-devices-were-impacted-by-crowdstrikes-faulty

 

Could all this chaos be the result of CrowdStrike attempting to fix a 2 year old vulnerability: https://www.securityweek.com/securi...ke-issue-after-ridiculous-disclosure-process/ ?

 

No, it was caused by Channel File 291, more in link posted in message #25 in this thread
https://www.wilderssecurity.com/thr...airlines-media-and-banks.454569/#post-3202628

 

How convenient.

 

It's a pretty good bet that they will rectify all across their internal testing spectrum, provisions as to not get caught with their bloomers down again with updates going forward.

It definitely woke up a myriad of IT types and business users as to how a massive wide reaching issue as this can clobber a huge customer base with a simple file error.

 

This is good to know.

 

Yeah, agreed. I had no idea. I'm going to have to look into that myself.

Good daring careful procedure and giving them an advantage. Ingenious and well suited for that purpose,.

 

Cool!

For a moment I thought they could also use a YubiKey for this, but apparently that can send 38 characters at most (so not the 48 required)?

https://support.yubico.com/hc/en-us...0-Understanding-Core-Static-Password-Features

 

Analyzing Malicious CrowdStrike Domains: Who Is Affected and What Could Come Next
Akamai Enterprise Security Group SecOps
July 26, 2024
https://www.akamai.com/blog/securit...crowdstrike-bsod-domains-what-could-come-next

 

I think that suing Microsoft for this won't work. It is entirely between Crowdstrike and its customers.
When it comes to interview I believe that Delta CEO responding to question whether or not they are suing them by phrase: we have to.was very telling...

Regarding the quote and title of article: aside that nobody is putting enterprise servers on macOS, I don't recall about Apple outage, but I certainly heard about undetectable malware for iPhone I.e. Pegasus by NSO Group. That's why kernel-level access is important for protection or at least detection. Sufficiently resource-rich bad guys can and will break through macOS kernel protection

 

They're probably trying to suck Microsoft in because of this:

Microsoft blames Crowdstrike meltdown on 2009 European Union deal (cointelegraph.com)

 

https://www.bleepingcomputer.com/ne...d-by-investors-over-massive-global-it-outage/

To follow shortly will be affected customer lawsuits. These will be the ones to watch since CrowdStrike's EULA protects it to a large degree from this. Time the court's; at least the U.S. courts, invalidate these EULA's when negligence is involved.

-EDIT- Also if a security solution states it protects against ransomware w/o any exceptions or qualifications specified to the statement, the customer should be able to sue the provider for ransomware damages including ransomware payment.

 

Yes, system admin can install program that registers kernel-level driver. Or administrator may choose to not install security software registering kernel-level driver. It is administrator choice.
If administrator is end consumer protecting private device for personal use, then maybe they would liable because at least in EU vendors are supposed to provide fool-proof product. However law, at least in EU, does not require such fool-proofness for business to business products as far as I know. The customer bussiness is supposed to have qualified staff that decides whether or not use such a tool and how broadly deploy it. The fact that Crowdstrike provides mostly bussiness to business software gives them some hope to not be liable, at least not towarda europen customers

 

I wasn't necessarily suggesting that I agreed with it, just that I suspect it to be the excuse they are using to include Microsoft. Rule number one of a lawsuit. Never sue poor people and include everyone that has a good sum of money.

 

As would be expected when you are being sued.

 

LOL, this was a good one.

CrowdStrike should be ashamed of themselves, I think many customers will switch to other solutions. But I wonder how this disaster will change the design of Windows 12. According to rumors, they will probably follow macOS and force security solutions to operate in user-mode. But this might also weaken protection against malware.