Thousands of Windows devices “blue died” at banks, airlines, TV stations, supermarkets and other businesses around the world on Friday morning, and later in the day it was revealed that the widespread outage disrupting businesses was caused by a faulty update by security firm CrowdStrike and not by an intentional malware, as feared. it was an action or series of attacks.
The problem directly affected Windows systems around the world: on thousands of laptops, terminals, and vending machines, the well-known BSOD error screen appeared at system startup, and it was not possible to get rid of it or get the device to work even with a restart.
The global phenomenon was connected to the use of the Falcon Sensor for preventing attacks against computer systems, or more precisely, a problematic file arriving with its latest update caused the situation. Since the Falcon Sensor software has deep access to the operating system’s resources, it may have happened that Windows responded to the error in the update with blue death.
According to Microsoft’s information, 8.5 million devices may have been affected by the shutdown, which is less than 1 percent of Windows devices, yet the incident had a wide economic and social impact, as a result of which flights had to be canceled, stores became inoperable and, overall, the service was interrupted from several sides. life. The case once again highlights how vulnerable digital supply chains that are based on each other are.
Also contributing to the problem was the fact that, being an automatic update, the user could not delay the installation, and the testing process itself was not ideal: in this case, CrowdStrike could not test the update thoroughly enough before sending it out, so one of the main lessons from this case could be that large companies should review their vendors’ auto-update practices.
Source: www.hwsw.hu
