Opinion: Millions of critical computers and servers around the world went down because CrowdStrike, a major cybersecurity firm that offers enterprise services, pushed a faulty Windows update to its customers’ machines.

Airports, banks, public transportation infrastructure, enterprise work computers and servers… Every PC or server that received the faulty update went down for a varying amount of time until it was repaired.

Only Windows hosts were affected by this bug. Linux and macOS hosts were not affected.

CrowdStrike has published an official statement about what happened.

It turns out, the issue was in a faulty file that was loaded by a kernel driver. Since the file contained a grave bug, the driver failed to load properly and hence took the entire operating system down with it.

The fix was to boot the PC into safe mode and remove the mentioned file and then reboot.

Still, one can’t express enough how big the consequences of this silly bug were on the world’s economy. Millions of people suffered delays and other hardships around the world because of it.

CrowdStrike will definitely lose a lot of enterprise contracts and earn a few lawsuits because of the problem.

Still, this is not a blog post about CrowdStrike and its failure with its customers. Instead, it addresses a question that has had many readers scratching their heads: how would Linux have helped in such a situation?

If these enterprise companies, airports, hospitals and other organizations were using Linux on their machines instead of Microsoft Windows, would that have helped to avoid this bug or prevent it?

The short answer is no.

Every operating system supports loading additional drivers according to the machine’s requirements. This applies to Windows, macOS, Linux and the BSDs.

In the CrowdStrike case, a kernel driver referenced a faulty file that should have contained useful contents rather than what it actually had, leading to a full kernel failure that took the operating system down.

Since the kernel wasn’t able to load properly, the other components of the operating system could not continue loading, of course.

What if Linux was the host in this scene? The same thing would have happened.

Figure: Kernel panic on Linux; this time it happened because of boot/mount issues.

Linux (and other Unix-like operating systems) has a state called “kernel panic” that the kernel will enter if it fails to do any of its critical jobs.

These jobs could be related to drivers, disk partitions, I/O operations, hardware resources… And many other possible things.

So if a Linux-based machine received a similar update to the one that CrowdStrike mistakenly distributed to its customers, then such machines would have gone into kernel panic as well and faced the exact same issue.

In fact, it has happened in the past with Linux and even with the same company.

Falcon Sensor, a threat defense mechanism developed by CrowdStrike that works on Linux, pushed a faulty update to CrowdStrike’s Linux-based customers just a few months ago in May 2024. It was again a faulty kernel driver that caused the kernel to go into panic mode and abort the booting process.

The bug affected both Red Hat and Debian Linux distributions, and basically every other Linux distribution based on these distributions.

So there you have it; it has happened in the past with Linux, and could happen again in the future. This was a quality assurance failure on CrowdStrike’s side, and the operating system in question had little to do with it.

Of course, recovery and backup solutions exist in every operating system but it’s up to the system administrators to set them up accordingly. For example, with the Btrfs filesystem, openSUSE ships with a “snapshot” feature that could have automatically recovered the OS into an earlier state before the faulty update in such situations directly from the boot menu.

Windows installations could of course be set up to use a similar feature as well.

There are many reasons to switch to Linux, and there hasn’t been a better time to make that switch, but we should keep ourselves from spreading false information and rumors about other competitors like Windows in advocating for our cause.

Linux doesn’t need FUD to spread its adoption, nor shall it gain adoption this way.
