Priya Patel
TLDR:
- CrowdStrike released a misconfigured update to its Falcon platform causing a global PC outage.
- The update impacted PCs running version 7.11 and above of the Falcon Sensor.
Article Summary:
CrowdStrike, a cyber security firm, revealed that a misconfigured Rapid Response Content update to its Falcon platform caused a global PC outage. The update, released on July 19 at 04:09 UTC, affected machines running version 7.11 and above of the Falcon Sensor until it was reverted at 05:27 UTC. Rapid Response Content, different from Sensor Content, is automatically deployed to track and identify new threats. The incident was caused by a bug in the Content Validator, leading to an out-of-bounds memory read triggering a Windows operating system crash. This resulted in over 8 million Windows 10 PCs being affected globally.
In response to the incident, CrowdStrike plans to improve its Rapid Response Content testing, add validation checks, and enhance error handling in deployments. They will also stagger the deployment of updates to give customers control. Furthermore, the company will publicly release a full Root Cause Analysis once the investigation is complete.
This incident highlights the importance of rigorous testing and validation in software updates and the need for companies to prioritize error handling and customer control in update deployments to prevent widespread outages.
