A software update from CrowdStrike caused Microsoft Windows systems to crash, disrupting airline travel, healthcare, government services, and many other critical industries and organizations globally.
CrowdStrike released a content update for Falcon customers designed to detect newly observed, malicious named pipes being used by common C2 frameworks in cyberattacks. The erroneous update sent computers around the globe into the dreaded blue screen of death.
First, we believe security vendors hold great responsibility. We all occupy a privileged position with access to the heart of customers’ systems, known as the kernel, and there are best practices to ensure that all code deployed there is certified by Microsoft and not changed without the approval and knowledge of the customer.
And second, at Trellix we employ a conservative approach anchored by three imperatives: Transparency, Choice, and Responsibility.
Transparency
Our customers have visibility into the way we package our code.
Choice
Our customers have control over kernel-level changes.
Responsibility
Our customers should be protected against people and process errors.
Our support and services teams are mobilized to help you rebuild and recover. Trellix customer or not, you can contact our support and we can help with recovery procedures.
Existing Customers: Log in to Thrive and open a case - we have support standing by.
New Customers: Call 1-800-937-2237 or a local support phone number.