Microsoft has New details were published of the true extent of the damage caused to systems around the world by the CrowdStrike Incidentestimating that less than one percent of Windows devices have been affected, as well as describing what it is doing to help companies that use its services implement a fix.
Part of the problem is that CrowdStrike's recommendations alternative solutionAlthough it is almost too simple, it must be manually deployed to every Windows computer in an organization unless that organization's systems administrator can automate the process.
Microsoft is doing its best to be as clear as possible about its own interests. Recommended recovery methodsBut, since there is no automatic solution and some systems require booting into Safe Mode, CrowdStrike warns users that it may be “sometimes” Before the world recovers.
Market competition: it's good, actually
Microsoft Windows is, without a doubt, the most popular operating system in the world. As business technology fans, we love that Linux is making great stridesBut its technical philosophy is no match for Microsoft's laser focus on ease of setup and use.
As a result, it has become ubiquitous. The fact that “less than one percent” of all Windows devices (eight and a half million of them) exist makes it seem obvious (or perhaps it did) to configure Windows client PCs to support a Windows-based system.
Now you're seeing the problem. CrowdStrike's cloud-based Falcon company endpoint protection The software, the reason we are here, is based on Windows. Companies still have the freedom to choose the software to protect their backend from the prevailing cyberthreats, but if an endpoint software can totally and completely fail in this way, then anyone can.
The CrowdStrike incident raises more questions than we can answer at this point, but it raises the important point that companies should not put all their eggs in one basket or neglect to understand their systems while believing they can implicitly trust software vendors.
Automatic updates can be great for fixing emergency problems, but when they are not subject to sufficient quality control testing (as appears to be the case here), the consequences can be catastrophic. It is entirely possible, and even a matter of time, before we are back here reporting on airports and rail systems coming to a standstill.
I'm the data and cloud guy on this website, something of an “expert” apparently. And yet when someone with a modicum of technical knowledge can tell me “show me what happens when you run everything from the cloud” all I say is “why haven't more people in companies considered this?” when it's always been there, brewing in the background. While we completely ignore it.
