24.07.2024 22:16:56

CrowdStrike's Major Software Outage: Zdnet

(RTTNews) - On Wednesday, CrowdStrike Holdings, Inc. (CRWD) published a Preliminary Post Incident Review on its official website, providing a comprehensive analysis of the event that had a substantial impact on Microsoft Windows-based systems worldwide.

The repercussions of this incident were felt across various sectors including airlines, healthcare facilities, financial institutions, and diverse businesses.

According to Zdnet, CrowdStrike's investigation revealed that the "sensor configuration update" code was the root cause of the issue, triggering crashes on Windows PCs and servers shortly after boot-up, leading to the Blue Screen of Death (BSOD) error. This flawed code was found within the Falcon sensor, operating within the Windows space.

The problematic sensor version 7.11, which was released on February 28, 2024, introduced a new InterProcess Communication (IPC) Template Type aimed at identifying innovative attack techniques exploiting Named Pipes. While Windows systems running sensor version 7.11 and later were affected, Mac and Linux systems remained unscathed.

During the period from April 8 to April 24, three additional IPC Template Types were successfully implemented. However, on July 19, CrowdStrike reported the deployment of "two additional IPC Template Instances," one of which passed validation despite containing flawed content due to a bug in the Content Validator. This flawed content in Channel File 291 triggered an out-of-bounds memory read, ultimately leading to Windows OS crashes.

In response, CrowdStrike has outlined plans to fortify "software resiliency and testing" and implement a "staggered deployment strategy," gradually updating larger segments of the sensor base, starting with a canary deployment. The company has also committed to providing customers with "greater control over the delivery of Rapid Response Content updates," allowing detailed selection of when and where these updates are applied.

Insurer Parametrix estimates that U.S. Fortune 500 companies, excluding Microsoft, may suffer losses amounting to $5.4 billion due to the outage. As a result of these developments, the United States House of Representatives Homeland Security Committee is preparing to summon CrowdStrike's CEO for hearings to investigate the failure.

Additionally, CrowdStrike's Chief Security Officer, Shawn Henry, publicly expressed regret on LinkedIn, stating, "On Friday, we failed you... The confidence we built over the years was lost in buckets within hours, and it was a gut punch."
