Security firm CrowdStrike has posted a preliminary post-incident report about the botched update to its Falcon security software that caused as many as 8.5 million Windows PCs to crash over the weekend, delaying flights, disrupting emergency response systems, and generally wreaking havoc.
The detailed post explains exactly what happened: At just after midnight Eastern time, CrowdStrike deployed "a content configuration update" to allow its software to "gather telemetry on possible novel threat techniques." CrowdStrike says that these Rapid Response Content updates are tested before being deployed, and one of the steps involves checking updates using something called the Content Validator. In this case, "a bug in the Content Validator" failed to detect "problematic content data" in the update responsible for the crashing systems.
[...]
CrowdStrike blames testing bugs for security update that took down 8.5M Windows PCs
CrowdStrike blames testing bugs for security update that took down 8.5M Windows PCs
-
rbc
- President
- Posts: 271
- Joined: Mon Oct 30, 2023 1:32 am
- Location: Vicksburg, MS
- ISC2 Member Status: Yes
- Contact:
CrowdStrike blames testing bugs for security update that took down 8.5M Windows PCs
Robert B. Carleton + ISC2 Central Mississippi President