Was it some combination of CrowdStrike with some other software, or a specific driver, or a specific Windows version, or did the affected machines take many hours before they showed the symptoms?
Because I can’t imagine that 100% of machines are immediately affected? That would indicate that CrowdStrike shipped an update to a kernel mode piece of code to millions of machines without testing it on one machine first?
The post mortem will be interesting but there *has* to be something more to this. Perhaps this was just a staged rollout to 5% of machines and it’s still large enough to cause this? Or maybe it was tested but still slipped through because they tested on some env that isn’t affected? It *cannot* be a big bang 100% rollout to 100% susceptible devices. That would be the largest denial of service attack ever conducted…