CrowdStrike outlines fixes in root cause report after global outage

1 month ago 76

CrowdStrike has released its root cause report of the faulty software update that caused one of the biggest IT outages in history. In its new post-mortem report, the cybersecurity firm investigated the error that led Windows machines to crash in July, admitting that there were issues with the testing process.

In its Root Cause Analysis (RCA) report, described how its Falcon sensor “delivers AI and machine learning to protect customer systems by identifying and remediating the latest advanced threats.”

The sensor, released in February, was produced to enable “visibility into possible novel attack techniques that may abuse certain Windows mechanisms.

“On March 5, 2024, following a successful stress test, the first Rapid Response Content for Channel File 291 was released to production as part of a content configuration update, with three additional Rapid Response updates deployed between April 8, 2024 and April 24, 2024,” CrowdStrike said. These “performed as expected” in production.

However, the sensor expected 20 input fields, but the update provided 21 input fields, causing a mismatch. This resulted in an out-of-bounds memory read, crashing the system.

The company stated that “this scenario with Channel File 291 is now incapable of recurring,” adding that what happened is now informing how it tests its systems going forward.

In a post on X, the firm wrote: “We apologize unreservedly and will use the lessons learned from this incident to become more resilient and better serve our customers. To any customer still affected, please know we will not rest until all systems are restored.”

This morning, we published the Root Cause Analysis (RCA) detailing the findings, mitigations and technical details of the July 19, 2024, Channel File 291 incident. We apologize unreservedly and will use the lessons learned from this incident to become more resilient and better…

— CrowdStrike (@CrowdStrike) August 6, 2024

Crowd...

Read Entire Article