Major CrowdStrike bug paralyzes Windows: Mac endpoints not affected

On Friday, computers running Windows went down worldwide due to an update of the CrowdStrike security software. macOS users need not worry.

Advertising for CrowdStrike Falcon for macOS.

(Image: CrowdStrike)

The IT security company CrowdStrike confirmed on Friday that no macOS users are affected by the massive problems with its security software. Its endpoint security software, Falcon, also exists for Apple computers and is used by corporate customers. It promises "industry-leading protection and response capabilities for macOS environments", according to the company. "Make malware and sophisticated attacks null and void - even when you're offline."

The statement followed a bad day for Windows administrators and their users: on computers running the popular security software, a faulty Falcon update caused massive outages on Friday. Airports, banks, supermarkets and countless offices all over the planet were unable to work or could only work partially. Temporary solutions are now in place and the machines are starting up again. However, the industry will have to grapple with the incident, which could have been a cyber attack, for some time to come.

CrowdStrike also announced that Linux hosts were not affected. For Windows, the problem has been identified and isolated, and a fix will be made available. Its team has been "fully mobilized". The difficulty is that a patch cannot simply be rolled out, because the machines no longer start and appear to be stuck in a "blue screen of death" (BSOD). A file must be deleted in order for the computers to start up again. It is named C-00000291*.sys and can be found in the directory

C:\Windows\System32\drivers\CrowdStrike

If this file has the timestamp "05:27 UTC 19/07/2024" or newer, it is already the corrected version.
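The timestamp check described above can be scripted before anything is deleted. The following PowerShell sketch is an added example, not CrowdStrike's own tooling: the directory, file pattern and cutoff come from the article, while the function names, parameter names and status labels are hypothetical.

```powershell
# Added example. Path, pattern and cutoff are taken from the article;
# function names, parameters and status labels are assumptions made here.
function Get-FalconFileStatus {
    [CmdletBinding()]
    param(
        [string]$Directory = 'C:\Windows\System32\drivers\CrowdStrike',
        [string]$Pattern   = 'C-00000291*.sys',
        # 05:27 UTC on 19/07/2024: this timestamp or newer means corrected version
        [datetime]$FixedFromUtc = [datetime]::new(2024, 7, 19, 5, 27, 0, [System.DateTimeKind]::Utc)
    )

    if (-not (Test-Path -LiteralPath $Directory -PathType Container)) {
        Write-Warning "Directory not found: $Directory"
        return
    }

    # Compare in UTC so the local time zone of the host does not skew the result.
    Get-ChildItem -LiteralPath $Directory -Filter $Pattern -File -Force |
        ForEach-Object {
            [pscustomobject]@{
                Name             = $_.Name
                LastWriteTimeUtc = $_.LastWriteTimeUtc
                Status           = if ($_.LastWriteTimeUtc -ge $FixedFromUtc) { 'Corrected' } else { 'NeedsRemoval' }
                FullName         = $_.FullName
            }
        }
}

function Remove-OutdatedFalconFile {
    [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'High')]
    param([string]$Directory = 'C:\Windows\System32\drivers\CrowdStrike')

    # Only files older than the cutoff are touched; corrected files stay in place.
    Get-FalconFileStatus -Directory $Directory |
        Where-Object Status -eq 'NeedsRemoval' |
        ForEach-Object {
            if ($PSCmdlet.ShouldProcess($_.FullName, 'Delete file older than the corrected version')) {
                Remove-Item -LiteralPath $_.FullName -Force
            }
        }
}

# Report first, then preview the deletion without changing anything.
Get-FalconFileStatus | Format-Table Name, LastWriteTimeUtc, Status
Remove-OutdatedFalconFile -WhatIf
```

Pass `-Directory` if the system volume is mounted under a different drive letter, and drop `-WhatIf` only after reviewing the report.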

Endpoint security software is a more complex form of protection against malware and other malicious code, and it is deeply integrated into the system. This is also the case on the Mac, even if it usually suffers fewer attacks than Windows. Falcon is available for both Intel and Apple Silicon Macs and is designed to give administrators "unparalleled visibility" when monitoring their Apple computers. This includes "threat intelligence" and the ability to prescribe "IT hygiene". The aim is to warn of zero-days, ransomware and more complex attacks. Falcon can also control devices, such as USB devices, and includes firewall management on the Mac.

Apple has also experienced major outages caused by a small change, albeit on a smaller scale than today's incident. In 2020, a verification server for signatures under macOS failed, which prevented or severely delayed the launch of apps. The remedy was to disable internet access.

(bsc)

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.