Microsoft Outlook Elevation of Privilege: A Known Vulnerability What is the vulnerability? On March 14, 2023, Microsoft has a critical one
Could the Crowdstrike glitch that took down 8,5 million Windows devices last Friday have been avoided?
“Yes!” says Tim Schughart, CEO of ProSec GmbH and IT security expert, in an article in Business Week.
But let's start at the beginning: On Friday, a faulty software update from the company Crowdstrike led to failures of computers and servers that use the Windows operating system.
The consequences are felt worldwide, as the company has almost 30.000 customers worldwide, including global players such as Amazon and Intel.
But smaller customers are also affected, with bank customers no longer being able to withdraw money, hospitals having to postpone operations and flights being cancelled. In Germany, critical infrastructure companies are also affected.
Tim Schughart, our CEO, is certain that this glitch could have been avoided. He also would have liked to see more transparency in dealing with the problem.
What we do know is that there was a quality assurance error. And that shouldn't have happened.
He goes on to say that the key point is the reproducibility of the error, as it affects all customers and not just a small number. Given the extent of the problem, it can be assumed that this update has not been properly tested.
He also criticizes the way the problem is being handled: Since IT security has to be addressed at the most sensitive points, the risk of destroying something is particularly high. That is why caution is always required here. This is the only way to successfully defend against cyber attacks.
Schughart also emphasizes, however, that this incident is no reason to fundamentally doubt the quality of the company.
Crowdstrike will replace the faulty update on Friday. But now, as is often the case, the customer has to take action themselves. Schughart explains that customers often have to manually remove the faulty file from their computer so that the system can then download the new, error-free file.
In this case, too, customers must take action themselves: Microsoft published instructions for customers with Microsoft cloud machines on Friday that allow them to restore the system state before the update.
Microsoft Outlook Elevation of Privilege: A Known Vulnerability What is the vulnerability? On March 14, 2023, Microsoft has a critical one
Leadership vs. Management – successful change management Leadership vs. Management, what exactly are the differences? And what does it take?
How hackers exploit Azure App Registration Should standard users in your tenant be allowed to perform Azure App Registration? The
We use cookies, and Google reCAPTCHA, which loads Google Fonts and communicates with Google servers. By continuing to use our website, you agree to the use of cookies and our privacy policy.