The CrowdStrike software update that caused a global outage of IT systems last week was caused by a bug in the company’s control mechanism, the company said on Wednesday (24 July).
The outage, which shutdown services across healthcare, banking, aviation and retail, occurred due to a fault in CrowdStrike’s Falcon Sensor on Friday (19 July). The fault forced computers running Microsoft’s Windows operating system to crash and show the “Blue Screen of Death”.
CrowdStrike’s Falcon software is used by businesses around the globe to aid against security breaches on millions of Windows machines.
In a company statement, CrowdStrike said: “Due to a bug in the Content Validator, one of the two Template Instances passed validation despite containing problematic content data.
“When received by the sensor and loaded into the Content Interpreter, problematic content in Channel File 291 resulted in an out-of-bounds memory read triggering an exception.
“This unexpected exception could not be gracefully handled, resulting in a Windows operating system crash.”
How well do you really know your competitors?
Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.
Thank you!
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form
By GlobalDataThe company has not revealed what the problematic content data was.
In order to prevent this from happening again, CrowdStrike has announced it will be looking to improve its internal testing.
The Texas-based company said it would be release a “staggered deployment strategy” when dealing with updates similar to the one that caused the outage.
All updates will be “gradually deployed” in order to minimise the risk of harming huge numbers of severs and IT systems at once, the company said.
Is it time for a automatic update rethink?
The global outage is estimated to have impacted over 8.5 million Windows devices.
Despite affecting less than one per cent of all Windows machines, the outage caused global chaos across multiple industries, grounding airplanes, disrupting healthcare and halting public services.
As the fallout from the outage continues, experts have suggested that IT services could be becoming too trusting of vendors.
In many cases, such as the case with CrowdStrike, enterprises simply trust the vendor to ensure all software components are up to date and in working order.
Steven Schuchart, principal analyst at GlobalData, said enterprises need to consider putting the brakes on automatic updating, and start taking some more responsibility for their own security.
Schuchart believes that enterprises need to move to a process “where IT is more involved and in the path of approval.”
“Responsibility lies with the enterprise, even if the mistake is a vendor’s,” he said.
“This will require more time and resources, but it’s a luxury to offload the responsibility for software updates to vendors,” Schuchart said.
“Airplane pilots inspect their planes themselves, despite having seasoned ground crew and mechanics on hand. In short, everybody must agree that all lights are green for a plane to fly.”