

2.5 Admins 206: CrowdStruck
Aug 1, 2024
Jake Williams, a cybersecurity expert renowned for his insights on ransomware, dives into the chaos sparked by a faulty CrowdStrike update that left Windows users in a blue screen frenzy. He shares the hilariously awkward ESXi vulnerability that ransomware gangs are eagerly exploiting. The conversation also touches on the complexities of memory management and the challenges of kernel vulnerabilities. Plus, Jake provides actionable advice on optimizing storage performance with SAS drives and PCIe cards, ensuring your system runs smoother.
AI Snips
CrowdStrike Outage Root Cause
- A CrowdStrike update caused widespread Windows crashes due to a faulty data file, not a code update.
- The kernel-level driver tried to access invalid memory, leading to endless blue screen loops.
CI/CD Importance
- Implement a robust CI/CD pipeline to catch errors before they hit production.
- Test updates on various Windows versions to avoid widespread system failures.
Monoculture Risks
- Monocultures in software create vulnerabilities, as seen with the widespread Windows/CrowdStrike outage.
- Diversifying operating systems and security software can mitigate large-scale failures.