By not deploying Crowdstrike?

Discussion

Disable automatic updates policy and turn it back on after updates have proven valid and working in other environments. Never rely on vendors automatically updating your machines.
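The staged-rollout policy described above (hold an update in a small ring, promote only after it has proven itself) can be expressed as an explicit gate. The following is an added example written for this thread, not CrowdStrike's or any vendor's code; the ring names, the `RingReport` health fields, the soak window and the thresholds are all assumptions, and the sample reports are constructed.

```python
"""Hypothetical staged-rollout gate for vendor-pushed updates (constructed example).

An update version lands in the smallest ring first and is promoted to the
next ring only after it has soaked for a minimum time with enough healthy
check-ins and no crash reports. Nothing here talks to a real vendor API.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Dict, List, Optional, Tuple

# Rollout rings, smallest blast radius first (assumed names).
RINGS = ["canary", "pilot", "broad"]


@dataclass
class RingReport:
    """Health summary for one update version in one ring (constructed data)."""
    ring: str
    version: str
    deployed_at: datetime
    hosts_targeted: int
    hosts_healthy: int   # checked in on the new version with no fault reported
    hosts_crashed: int   # reported a crash or boot failure since deployment


@dataclass
class GatePolicy:
    soak: timedelta = timedelta(hours=24)  # minimum observation window per ring
    min_healthy_ratio: float = 0.98        # share of targeted hosts that must be healthy
    max_crashed: int = 0                   # any crash report blocks promotion


def next_ring(ring: str) -> Optional[str]:
    """Ring after `ring`, or None if `ring` is already the last one."""
    idx = RINGS.index(ring)
    return RINGS[idx + 1] if idx + 1 < len(RINGS) else None


def evaluate_promotion(report: RingReport, policy: GatePolicy, now: datetime) -> Tuple[bool, str]:
    """Decide whether the version in `report.ring` may widen to the next ring.

    Returns (allowed, reason); the reason names the first gate that failed,
    so an operator can see why a rollout is being held.
    """
    target = next_ring(report.ring)
    if target is None:
        return False, f"{report.ring} is the final ring; nothing to promote to"

    soaked_for = now - report.deployed_at
    if soaked_for < policy.soak:
        remaining = policy.soak - soaked_for
        return False, f"soak incomplete: {remaining} remaining in {report.ring}"

    if report.hosts_crashed > policy.max_crashed:
        return False, (f"{report.hosts_crashed} crash report(s) in {report.ring}; "
                       f"hold and investigate before widening")

    if report.hosts_targeted == 0:
        return False, f"no hosts targeted in {report.ring}; no evidence to promote on"
    healthy_ratio = report.hosts_healthy / report.hosts_targeted
    if healthy_ratio < policy.min_healthy_ratio:
        return False, (f"only {healthy_ratio:.1%} of {report.ring} hosts healthy "
                       f"(need {policy.min_healthy_ratio:.0%})")

    return True, f"{report.version} cleared {report.ring}; promote to {target}"


def highest_cleared_ring(reports: List[RingReport], policy: GatePolicy, now: datetime) -> str:
    """Walk the rings in order; return the furthest ring this version may be deployed to."""
    by_ring: Dict[str, RingReport] = {r.ring: r for r in reports}
    allowed = RINGS[0]  # the first ring is always permitted
    for ring in RINGS:
        report = by_ring.get(ring)
        if report is None:
            break  # no evidence from this ring yet, stop here
        ok, _ = evaluate_promotion(report, policy, now)
        if not ok:
            break
        allowed = next_ring(ring) or ring
    return allowed


# Constructed sample telemetry; the dates and counts are made up for the example.
DEFAULT_POLICY = GatePolicy()
SAMPLE_NOW = datetime(2024, 1, 3, 12, 0)
SAMPLE_REPORTS = {
    # soaked 60h, 99% healthy, no crashes: may widen
    "clean": RingReport("canary", "v1", datetime(2024, 1, 1, 0, 0), 100, 99, 0),
    # deployed one hour ago: soak window not met
    "fresh": RingReport("canary", "v2", datetime(2024, 1, 3, 11, 0), 100, 100, 0),
    # 40 hosts crashed after the update: hold
    "crashing": RingReport("canary", "v3", datetime(2024, 1, 1, 0, 0), 100, 60, 40),
    # pilot ring for v1, soaked 36h at 99.5% healthy
    "pilot_clean": RingReport("pilot", "v1", datetime(2024, 1, 2, 0, 0), 1000, 995, 0),
}

if __name__ == "__main__":
    for name, report in SAMPLE_REPORTS.items():
        ok, reason = evaluate_promotion(report, DEFAULT_POLICY, SAMPLE_NOW)
        print(f"{name:12s} allowed={ok} {reason}")
```

The order of the checks matters: the soak window is evaluated before the health ratio so that an update which looks fine one hour in cannot be promoted on too little evidence, and a single crash report blocks widening regardless of how good the aggregate ratio looks.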

Seems like it affected several versions of the sensor (see the link I posted). There was no software update involved. It was in the channel file updates. I also don't admin Crowdstrike myself, so I don't know if that could have been prevented.

I'm not familiar with it either, just from what I read earlier. I now admin all Red Hat Linux systems, with Oracle middleware running ERP systems and all of the infrastructure with those.

The update isn't rolled out via an agent update. The update is a detection controlled by CrowdStrike and it is how their solution operates. It is a fairly black box solution that handles detections on its own. It is one of the reasons why SOCs love it because they can focus on triage rather than tuning since many orgs don't have the in-house expertise or resources to create detections for all the latest threats. Outsourcing security like this has a huge cost though as we see.