CrowdStrike: ‘Undetected Error’ in Binary File Caused Massive Windows Crash



Days after a faulty update took down an estimated 8.5 million Windows computers, CrowdStrike, the cybersecurity firm that caused the crash, has shared more information about how exactly it occurred.

In its initial post-incident review published Wednesday, CrowdStrike says a bug in its validation systems allowed some “problematic content data” to skirt past existing checks. The data was in what CrowdStrike calls a “Rapid Response Content” update, which is stored in a binary file and therefore is not code or a kernel driver.

“Problematic content in Channel File 291 resulted in an out-of-bounds memory read triggering an exception. This unexpected exception could not be gracefully handled, resulting in a Windows operating system crash (BSOD),” the company explains.

The update that caused the massive Windows outage was tested back in March and deployed months later, on July 19. Any company using CrowdStrike’s services with Windows computers connected to the internet with sensor version 7.11 or newer at the time the update was pushed was impacted, CrowdStrike confirmed in the post. Numerous businesses, government offices, and institutions were immediately debilitated by the faulty update and were unable to operate normally. Airlines delayed or cancelled tens of thousands of flights worldwide, some credit card payments were unable to fully process, packages were delayed, and US Social Security and drivers’ services offices were unable to help customers.
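As an added illustration (not CrowdStrike's code, and not the Channel File 291 format, which the article does not describe), the C sketch below shows the kind of validation step the article says was bypassed: a hypothetical binary content file made of a record table over a data area, a validator that bounds-checks every record's offset and length, and a consumer that refuses to touch the data area until validation has passed. The record layout, the field names and the sample bytes are all assumptions made for this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
/* Hypothetical layout, assumed for illustration (not the real Channel File 291
 * format): uint32 record count, `count` records, then a data area they index. */
struct record { uint32_t offset; uint32_t len; };
#define HDR_SIZE 4u
/* Content validator: 0 when every record's range [offset, offset + len) lies
 * inside the data area, a negative code otherwise. No untrusted arithmetic can wrap. */
int validate_content(const uint8_t *buf, size_t size, size_t *bad_index) {
    uint32_t count;
    if (size < HDR_SIZE) return -1;
    memcpy(&count, buf, sizeof count);
    if (count > (size - HDR_SIZE) / sizeof(struct record)) return -2;
    size_t data_start = HDR_SIZE + (size_t)count * sizeof(struct record);
    size_t data_len = size - data_start;
    for (size_t i = 0; i < count; i++) {
        struct record r;
        memcpy(&r, buf + HDR_SIZE + i * sizeof r, sizeof r);
        if (r.offset > data_len || r.len > data_len - r.offset) {
            if (bad_index) *bad_index = i;
            return -3;
        }
    }
    return 0;
}
/* Consumer: XOR checksum of record i's bytes, read only after the file validated.
 * Skipping this gate is what turns a bad length field into an out-of-bounds read. */
int pattern_checksum(const uint8_t *buf, size_t size, size_t i) {
    uint32_t count; struct record r; int x = 0;
    if (validate_content(buf, size, NULL) != 0) return -1;  /* rejected file */
    memcpy(&count, buf, sizeof count);
    if (i >= count) return -1;
    memcpy(&r, buf + HDR_SIZE + i * sizeof r, sizeof r);
    const uint8_t *data = buf + HDR_SIZE + (size_t)count * sizeof r;
    for (uint32_t k = 0; k < r.len; k++) x ^= data[r.offset + k];
    return x;
}
/* Constructed sample in g_buf: two records over the data "ABCDE". With malformed
 * != 0 the second record claims 200 bytes, far past the end. Returns byte count. */
uint8_t g_buf[64];
size_t build_sample(int malformed) {
    uint32_t count = 2;
    struct record recs[2] = { {0, 3}, {3, malformed ? 200u : 2u} };
    memcpy(g_buf, &count, sizeof count);
    memcpy(g_buf + HDR_SIZE, recs, sizeof recs);
    memcpy(g_buf + HDR_SIZE + sizeof recs, "ABCDE", 5);
    return HDR_SIZE + sizeof recs + 5;
}
```

The malformed sample is rejected by the validator before any byte of the data area is dereferenced, which is the property a content-update pipeline wants its pre-deployment checks to guarantee.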


Atlanta-based airline Delta is still facing substantial challenges in the wake of the CrowdStrike Windows crash, sparking a federal investigation. Rumors that Southwest Airlines’ systems remained operational because it supposedly uses an ancient version of Windows are false and have not been confirmed by Southwest (Southwest and Alaska simply don’t use CrowdStrike, ABC reports). Southwest declined to comment because its earnings call will occur on Thursday.

CrowdStrike says its faulty update was intended to help it collect data on “possible novel threat techniques” to prevent devastating cyberattacks. Ironically, it’s now added this very update to its “known-bad list” to prevent future crashes.
