That does appear to be the case; CrowdStrike pulled the release trigger and it was all over at that point.Unless of course Crowdstrike's update mechanism prevents that.
The "not Microsoft's fault" argument seems to be that CrowdStrike needs to run a kernel level process and it was CrowdStrike itself loading something broken and using that which took things down - "Microsoft couldn't do anything to prevent that, or recover from it".
Quite probably true. But Microsoft allowed or forced that to be the situation. Microsoft have to take responsibility for allowing what happened to happen, not providing something better. They would have known the risks of what they were doing.
Or are we going to absolve all those who allow server side injections and side-channel attacks to take systems down from blame ?
The thing there is, who did the ultimate 'victims' of down-time have contracts with - implied or explicit - which would entitle them to compensation ?I just hope those people affected (missed flights, missed hospital appointments, etc) get the compensation they are due.
I suspect whoever they may have tentatively had contracts with can play their "force majeure" cards.
Statistics: Posted by hippy — Wed Jul 24, 2024 1:03 pm