Secure updates
German BSI draws lessons from Crowdstrike mishap
The German Federal Office for Information Security (BSI) is proposing measures to improve operational stability so that faulty updates do not have such drastic consequences in future as they did in the major IT breakdown on July 19.
In talks with the software companies Crowdstrike and Microsoft, the BSI has already developed initial measures to prevent similar incidents in the future, according to a BSI statement.
Safe mode must always work
The BSI will also work with both companies and manufacturers of comparable software solutions to ensure that the respective operating system can always be started at least in safe mode, even in the event of serious errors. The BSI's long-term goal is also to "have new and resilient components designed and implemented". These should have the same functionality and protective effect as before, with less far-reaching intervention rights in the operating systems.
A faulty update for IT security software from Crowdstrike recently caused widespread disruption in many places around the world. An estimated 8.5 million Windows computers were affected. The consequences were felt particularly strongly in air traffic, but some supermarkets, hospitals and television stations also had problems.
Crowdstrike later discovered that the test mechanisms for the software update were leaking a faulty file, which then caused Windows computers to crash. The test systems are now being improved and updates are to be rolled out gradually in future so that any problems do not affect all customers immediately.
This article has been automatically translated,
read the original article here.
Kommentare
Willkommen in unserer Community! Eingehende Beiträge werden geprüft und anschließend veröffentlicht. Bitte achten Sie auf Einhaltung unserer Netiquette und AGB. Für ausführliche Diskussionen steht Ihnen ebenso das krone.at-Forum zur Verfügung. Hier können Sie das Community-Team via unserer Melde- und Abhilfestelle kontaktieren.
User-Beiträge geben nicht notwendigerweise die Meinung des Betreibers/der Redaktion bzw. von Krone Multimedia (KMM) wieder. In diesem Sinne distanziert sich die Redaktion/der Betreiber von den Inhalten in diesem Diskussionsforum. KMM behält sich insbesondere vor, gegen geltendes Recht verstoßende, den guten Sitten oder der Netiquette widersprechende bzw. dem Ansehen von KMM zuwiderlaufende Beiträge zu löschen, diesbezüglichen Schadenersatz gegenüber dem betreffenden User geltend zu machen, die Nutzer-Daten zu Zwecken der Rechtsverfolgung zu verwenden und strafrechtlich relevante Beiträge zur Anzeige zu bringen (siehe auch AGB). Hier können Sie das Community-Team via unserer Melde- und Abhilfestelle kontaktieren.