July 25th, 2024

CrowdStrike admits faulty content update wasn't tested on a real machine

CrowdStrike acknowledged a bug in its software that caused 8.5 million Windows machines to crash due to a faulty update. The company plans to enhance testing protocols and update validation processes.

CrowdStrike has acknowledged that a bug in its test software led to the failure of 8.5 million Windows machines due to a problematic content update. The incident occurred when a configuration update intended to gather telemetry on potential threats caused widespread system crashes. The update, which was part of CrowdStrike's Falcon software used for malware management, included a small 40KB Rapid Response Content file that triggered an out-of-bounds memory exception, resulting in a Blue Screen of Death (BSOD) for affected systems.

CrowdStrike's post-incident review revealed that a flaw in the Content Validator allowed the faulty update to pass validation. Although the company conducts both automated and manual testing on its Sensor Content, it appears that the Rapid Response Content did not undergo sufficient testing. To prevent future occurrences, CrowdStrike plans to enhance its testing protocols, including local developer testing, stress testing, and improved error handling in the Content Interpreter. Additionally, the company will implement a staggered deployment strategy for updates, gradually rolling them out to minimize risk. CrowdStrike is also updating its cloud-based Content Validator to better scrutinize Rapid Response Content before deployment. These measures aim to restore confidence in the update process and ensure system stability moving forward.

Related

CrowdStrike broke Debian and Rocky Linux months ago

CrowdStrike's faulty update caused a global Blue Screen of Death issue on 8.5 million Windows PCs, impacting sectors like airlines and healthcare. Debian and Rocky Linux users also faced disruptions, highlighting compatibility and testing concerns. Organizations are urged to handle updates carefully.

Microsoft says 8.5M systems hit by CrowdStrike BSOD, releases USB recovery tool

Microsoft addressed issues caused by a faulty CrowdStrike security update affecting 8.5 million Windows systems. A USB recovery tool was released to delete the problematic file, emphasizing the need for thorough update testing.

Falcon Content Update Preliminary Post Incident Report

CrowdStrike faced Windows crashes due to a faulty update on July 19, 2024. The issue affected Falcon sensor versions 7.11 and above but not Mac or Linux systems. CrowdStrike reverted the update, plans enhanced testing, validation, and deployment strategies, and will provide more control to customers.

CrowdStrike Incident Preliminary Post Incident Review

CrowdStrike faced a system crash on July 19, 2024, caused by a faulty Windows content update, resulting in a BSOD. Measures were taken to prevent future incidents, with affected Windows hosts identified and addressed. CEO apologized, ensuring normal operations, while Mac and Linux hosts remained unaffected.

CrowdStrike Timeline Mystery

On July 19, 2024, a faulty CrowdStrike update caused system crashes globally, affecting 8.5 million devices and leading to significant disruptions, including 5,000 canceled flights, prompting recovery efforts.

5 comments
By @eyalitki - 6 months
Rapid Content Update files (detection signatures) are tested on the cloud side by the "Content Validator", which had a bug and didn't detect the issue with the faulty file. Nowhere in the post mortem does CrowdStrike mention that these files are actually being tested on a real machine, where the issue would have been detected. On top of that, they blame the software bug in the Content Validator.
By @yamumsahoe - 6 months
guy literally tested on 600k machines in prod. imagine going home and telling it to your wife haha. kids will say you're a legend.
By @ChrisArchitect - 6 months
By @hulitu - 6 months
> CrowdStrike admits faulty content update wasn't tested on a real machine

Real code writers don't test their code. Every user is a tester. /s