[Feelings & Sharing] CrowdStrike发布事件后初步审查,测试环节的锅
Tofloor
poster avatar
f@deepin
deepin
2024-07-24 15:30
Author

*What Happened on July 19, 2024? *

2024年7月19日发生了什么?
On July 19, 2024, two additional IPC Template Instances were deployed. Due to a bug in the Content Validator, one of the two Template Instances passed validation despite containing problematic content data.

2024年7月19日,部署了另外两个IPC模板实例。由于内容验证器中的bug,尽管包含有问题的内容数据,但两个模板实例中的一个通过了验证。

Based on the testing performed before the initial deployment of the Template Type (on March 05, 2024), trust in the checks performed in the Content Validator, and previous successful IPC Template Instance deployments, these instances were deployed into production.

基于在模板类型初始部署(2024年3月5日)之前执行的测试、对Content Validator中执行的检查的信任以及以前成功的IPC模板实例部署,这些实例被部署到生产环境中。

When received by the sensor and loaded into the Content Interpreter, problematic content in Channel File 291 resulted in an out-of-bounds memory read triggering an exception. This unexpected exception could not be gracefully handled, resulting in a Windows operating system crash (BSOD).

当传感器接收到并加载到内容解释器中时,通道文件291中有问题的内容会导致越界内存读取触发异常。无法正常处理此意外异常,导致Windows操作系统崩溃(BSOD)。

https://www.crowdstrike.com/falcon-content-update-remediation-and-guidance-hub/

https://www.ithome.com/0/784/059.htm

Reply Favorite View the author
All Replies
璀璨星空
deepin
2024-07-24 15:43
#1

doubt

Reply View the author
f@deepin
deepin
2024-07-24 16:02
#2
璀璨星空

doubt

糟糕,沙发被你抢了

Reply View the author
Oli
deepin
2024-07-24 16:20
#3

agree

Reply View the author
麻烦告诉我小浣熊哪里有
deepin
2024-07-24 17:36
#4

like

Reply View the author
燕子大王来也!
deepin
2024-07-24 18:04
#5

shamed

Reply View the author
流星追月
deepin
2024-07-24 21:47
#6

不厌其烦的转发洗地文章,我就不厌其烦劝大家不要相信,洗地文章。

越是喜欢发洗地文章,越是动机不纯。

Reply View the author
sshnuke
deepin
2024-07-24 22:57
#7

crwd明显就是军方背景的用政府关系绑架用户的关系户企业 类似麒麟 翻车只是时间问题

不要把美帝的关系户不当关系户

Reply View the author
f@deepin
deepin
2024-07-25 09:58
#8

微信图片_20240725095838.jpg

更抽象

Reply View the author