CrowdStrike blames mismatch in Falcon sensor update for global IT outage
Cybersecurity Dive
|
Contributed by: Drex DeFord
Summary
A software update error in CrowdStrike's Falcon sensor led to a major IT outage affecting millions of Microsoft Windows systems globally on July 19. The root cause analysis identified that the Falcon sensor expected 20 input fields, but the update provided 21, resulting in an out-of-bounds memory read and a system crash. CrowdStrike announced steps to prevent such incidents from recurring and predicted insured losses up to $1 billion and direct impacts of $5.4 billion for Fortune 500 companies. Although the bug is non-exploitable by hackers, the incident has prompted CrowdStrike to enhance its design and operational processes, potentially slowing innovation. The fallout includes scrutiny from authorities and ongoing disputes with clients like Delta Air Lines, which claims significant financial losses.