- A global Microsoft Windows outage, caused by a CrowdStrike software update, has disrupted airlines, banking services, and 911 lines, leading to grounded flights and long queues.
- The issue resulted in many systems experiencing the “Blue Screen of Death” (BSOD), affecting major carriers and airports worldwide, and also impacted the London Stock Exchange and Australian banking systems.
- CrowdStrike has identified and isolated the defect, deploying a fix, but recovery is expected to be slow due to the need for manual intervention on affected devices.
And that’s why the IT dept needs to test all software updates before rolling them out on the productive systems.
Yeah, a lot of people are (understandably) mad at Crowdstrike right now, but I want to drag some c-suite executives into a conference room and impress upon them the value of allocating budget for test environments and disaster recovery. Banks, airlines, service providers, these aren’t mom-and-pop bakeries and plumbers who don’t have time for all that nonsense. Every service that went down should be looking for the fuckwit in their organization, and they’re probably in the executive lounge. Anyone can make a mistake, but it takes dedication to systematically ignore the best advice of top experts in the field and run your infrastructure on a shoestring budget.
IT is just a cost center to most executives.
Software development is also a cost center in my company I work for.
I mean, they do have a test environment. Everyone does have one!
They’re just missing a separated production environment…
Man, money for a test environment is pretty low on my list of priorities right now. I’m trying to row a 20 man boat with one other person.
The CTO of Clownstrike presided over a similar disaster in 2010 too. AFAIK.
Nah real men commit straight to prod. Why yes, I do have 13 bastard children, condoms are also for cowards
Guys…this is TOTALLY Rick. He’s just avoiding his child support payments.
I invoke the shaggy defense
Yes, don’t do what I do at home and edit live PHP with users on the server…
If they’re as slow to roll out the updates to CS as they are the rest of the updates we’ll be a year behind on CS updates haha.
Been awhile since we’ve POCed Crowdstrike, but I don’t think you can set the cadence on updates for Crowdstrike. I believe Crowdstrike enforces auto-updates, it was at least the default setting.
afaik It wasn’t a software update that we all think. It was a content update that you can’t even delay update(I’m assuming it’s fordidentifying new viruses…etc). Updating software itself can be delayed and was usually being tested by IT guys before doing so. Content update however seemed harmless and wasn’t the case.
Crowdstrike fucked up. There seems to be nothing mucy IT depts could’ve done.
Deploy to prd! I’m on holiday.