All our servers and company laptops went down at pretty much the same time. Laptops have been bootlooping to blue screen of death. It’s all very exciting, personally, as someone not responsible for fixing it.

Apparently caused by a bad CrowdStrike update.

Edit: now being told we (who almost all generally work from home) need to come into the office Monday as they can only apply the fix in-person. We’ll see if that changes over the weekend…

  • spyd3r
    link
    fedilink
    English
    arrow-up
    4
    arrow-down
    38
    ·
    4 months ago

    Never update unless something is broken.

    • Toribor@corndog.social
      link
      fedilink
      English
      arrow-up
      58
      ·
      4 months ago

      This is fine as long as you politely ask everyone on the Internet to slow down and stop exploiting new vulnerabilities.

      • Ookami38
        link
        fedilink
        English
        arrow-up
        22
        ·
        4 months ago

        I think vulnerabilities found count as “something broken” and chap you replied to simply did not think that far ahead hahah

        • huginn@feddit.it
          link
          fedilink
          English
          arrow-up
          14
          ·
          4 months ago

          For real - A cyber security company should basically always be pushing out updates.

          • sugar_in_your_tea
            link
            fedilink
            English
            arrow-up
            4
            ·
            4 months ago

            Exactly. You don’t know what the vulnerabilities are, but the vendors pushing out updates typically do. So stay on top of updates to limit the attack surface.

            Major releases can wait, security updates should be pushed as soon as they can be proven to not break prod.

          • wreckedcarzz@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            4 months ago

            always pushing out updates

            Notes: Version bump: Eric is a twat so I removed his name from the listed coder team members on the about window.

            git push --force

            leans back in chair productive day, productive day indeed

        • sugar_in_your_tea
          link
          fedilink
          English
          arrow-up
          2
          ·
          4 months ago

          I use Tumbleweed, so I only get updates once/day, twice if something explodes. I used to use Arch, so my update cycle has lengthened from 1-2x/day to 1-2x/week, which is so much better.

          • Nachorella@lemmy.sdf.org
            link
            fedilink
            English
            arrow-up
            2
            ·
            4 months ago

            I really like the tumbleweed method, seems like the best compromise between arch and debian style updates.

            • sugar_in_your_tea
              link
              fedilink
              English
              arrow-up
              1
              ·
              edit-2
              4 months ago

              I think a lot of what (open)SUSE does is pretty solid. For example, microOS is a fantastic compromise between a stable base and a rolling userspace, and I think a lot of people would do well to switch to it from Leap. I currently use Leap for my NAS, but I do plan to switch to microOS.

    • Hotzilla@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      2
      ·
      4 months ago

      This is AV, and even possible that it is part of definitions (for example some windows file deleted as false positive). You update those daily.