The article discusses the importance of eBPF (Extended Berkeley Packet Filter) in preventing catastrophic system crashes caused by problematic software updates, especially those involving kernel code. It follows an incident on July 19th, where a widespread Windows outage affected critical sectors worldwide due to a faulty kernel driver update by a security company. The article highlights how eBPF provides a secure execution environment that mitigates such risks by verifying code before execution, thus preventing system crashes. With Linux systems already leveraging eBPF, upcoming support for Windows is expected to extend these benefits across platforms. The article urges companies to require eBPF-based solutions to enhance system security and reliability.

Brendan Gregg's Blog brendangregg.com

Microsoft has released a free recovery tool to address a CrowdStrike update issue that caused the "blue screen of death" on 8.5 million Windows machines. The tool offers two repair options and supports various Windows environments, including those hosted on Hyper-V. The first option uses the Windows PE recovery environment and requires a USB drive to delete the corrupt file, although BitLocker users may need to enter recovery keys manually. The second option attempts to recover systems in safe mode and is aimed at specific configurations. Additionally, Fenix24 has developed a set of free, automated recovery scripts for Windows and VMware users to mitigate the issue without manual patching, although drive encryption may still necessitate manual intervention. Full instructions and additional details are available online for both solutions.

CrowdStrike Update: Microsoft Releases Windows Tool To Fix 8.5 Million Machines Forbes

Health system IT teams are progressively restoring computer systems and EHR access following a global outage caused by a faulty software update by CrowdStrike, which primarily impacted Windows-based computers. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has reported continued malicious activity, including phishing attempts during the outage, and is working closely with CrowdStrike and other partners to monitor threats. Many hospitals, affected in nearly every state, have experienced scheduling delays and reverted to paper charting. Microsoft has released a recovery tool to assist, with endorsements from the American Hospital Association. Health systems and IT teams are praised for their swift and effective response to maintain patient care during the disruption.

Hospital IT Teams Still Working to Resolve CrowdStrike-Related Outage Issues HCINnovationGroup

The article discusses the discovery and implications of FrostyGoop, a new malware that has been identified targeting heating utilities in Ukraine. The malware, likely linked to Russian threat actors, has the potential to disrupt heating services, posing severe risks to public safety, especially during colder months. This development marks an alarming escalation in cyber warfare tactics, highlighting the vulnerabilities in critical infrastructure and the urgent need for improved cybersecurity measures within essential service sectors.

How Russia-Linked Malware Cut Heat to 600 Ukrainian Buildings in Deep Winter — WIRED Wired