ELI5 how this could happen?
Working in IT myself, this is incomprehensible. Every common practice and process has been violated for this to even have happened, not just by CrowdStrike but especially by the customers.
Every damn backyard or garage dev stages any kind of change or patch. Multiple times. A new patch doesn’t just appear on a live / production environment.
This is exactly what must have happened here though, it sounds like some idiots had auto updates enabled and companies even rolled it out to the whole workforce without any checks.
How is this possible? Who in their right mind does not deploy updates, especially of critical security systems, to an isolated dev environment first? I just don’t get it! This should not have been able to happen at all, it was 100% avoidable by following proper procedures. I hope many IT departments in the affected companies get purged for this gross incompetence
So as I understand it if you are the IT dude, before you get a windows update on your say..200 computer network, you isolate three computers as test computers. You ok the updates for these tree test computers only , not the rest. Leave to simmer for 2 weeks, if nothing fuckey happens, on these three computers ,,,deploy those tested updates to rest of office computers. Right?
Did this not happen? did it automaticly update the pcs without asking permission or did the IT guys just trust this company cause they are supposed to be the experts, not test and role out to everything?
Latest Answers