Did a font change in a PDF cause the Crowdstrike fail?
Jonathan Fine
jfine2358 at gmail.com
Fri Jul 19 21:26:01 CEST 2024
Hi
We now have more information about the CrowdStrike fault. According to
wikipedia, "an update to a configuration file [...] conflicted with the
Windows sensor client [...] causing a blue screen of death".
I was working from the hint from Joe Tidy, that the cause might be an
innocous change in font or logo. I regard a change to a configuration file
as something else. CrowdStrike describes the change in configuration as "a
content deployment". This may have misled Joe Tidy, and thus myself.
Even though CVE-2024-4367 is a serious vulnerability, arising from the size
of the standard and the complexity of the interactions between the
different parts, in the matter of the CrowdStrike incident PDF is innocent.
Here's the links:
https://en.wikipedia.org/wiki/2024_CrowdStrike_incident
https://www.crowdstrike.com/blog/statement-on-falcon-content-update-for-windows-hosts/
I'm happy now to consider this matter closed.
with kind regards
Jonathan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://tug.org/pipermail/texhax/attachments/20240719/fb58e5ea/attachment.htm>
More information about the texhax
mailing list.