CrowdStrike Reveals Root Cause of Global System Outages
thehackernews.com
Contributed by: Reid Stephan
Summary
CrowdStrike has published a root cause analysis explaining the Falcon Sensor software update crash known as the "Channel File 291" incident, which affected millions of Windows devices. The issue was traced to a content validation problem arising from a new Template Type designed to detect novel attack techniques on Windows systems. A mismatch between input parameters during content validation resulted in out-of-bounds memory reads, causing system crashes. CrowdStrike has implemented several measures to address the issue, including increased testing, new validation checks, and independent code reviews. Despite these efforts, Delta Air Lines claims the incident cost it $500 million in disruptions and is seeking damages from CrowdStrike and Microsoft. Both companies have responded to the criticism, suggesting Delta's issues may extend beyond the security update.