YALE-MSS-5.4: Ensure all software is actively supported by a vendor or open-source project

Crowdstrike Outage Cybersecurity

Recently, a faulty update from CrowdStrike caused a worldwide technical outage. The outage mostly impacted Windows systems. CrowdStrike confirmed this was a technical issue and not a cybersecurity attack. However, we should be aware of how cybercriminals will use this outage to their advantage.

Standards Group:
YALE-MSS-5: Software Security

Low Risk Endpoint Required Moderate Risk Endpoint Required High Risk Endpoint Required Low Risk Server Required Moderate Risk Server Required High Risk Server Required Low Risk Mobile Device Required Moderate Risk Mobile Device Required High Risk Mobile Device Required Low Risk Network Printer Required Moderate Risk Network Printer Required High Risk Network Printer Required

Details

Guidance

Implement a plan to replace software before it goes out of support. This may include replacing hardware to run supported software.

Details and definitions

Ensure all software is actively supported by a vendor, open-source project, or Yale.

Reason for the standard

Unsupported software no longer receives updates, significantly increasing the risk of a security incident.

Crowdstrike Outage Cybersecurity

YALE-MSS-5.4: Ensure all software is actively supported by a vendor or open-source project

Standards Group:YALE-MSS-5: Software Security

Details

Standards Group:
YALE-MSS-5: Software Security