Crowdstrike Says Faulty Update Led to Global Outage, Affecting Multiple Industries

Author

Reads 538

Close-up of a red Mercedes-Benz AMG GT safety car showcasing bold CrowdStrike branding in a dimly lit garage.
Credit: pexels.com, Close-up of a red Mercedes-Benz AMG GT safety car showcasing bold CrowdStrike branding in a dimly lit garage.

Crowdstrike's faulty update caused a global outage that affected multiple industries. The incident highlights the importance of thorough testing and validation of software updates before they are released to the public.

The outage was reportedly caused by a faulty update that was rolled out to Crowdstrike's Falcon platform. This platform is widely used by organizations across various industries, including finance, healthcare, and technology.

The faulty update caused a cascade of errors that led to a global outage, affecting thousands of users. The outage lasted for several hours, causing significant disruptions to business operations and daily activities.

Crowdstrike has since apologized for the incident and has taken steps to rectify the issue.

Worth a look: Hansard Global

What Happened

A global IT outage on July 19 affected millions of Microsoft Windows systems. This was caused by a software update in CrowdStrike's Falcon sensor.

The update was supposed to provide 20 input fields, but it actually provided 21. This mismatch led to an out-of-bounds memory read, which resulted in the system crash.

CrowdStrike's investigation found that the issue was due to a mismatched software update. This highlights the importance of thorough testing and validation of software updates.

The company has taken steps to prevent similar incidents in the future.

Cause of Outage

Credit: youtube.com, Risk & Repeat: Faulty CrowdStrike update causes global outage

The cause of the outage is a bug in the content configuration update for CrowdStrike's Falcon platform. This bug allowed "problematic content data" to be deployed to customers, triggering an "unexpected exception" that caused a Windows operating system crash.

The issue originated with the Falcon Sensor software, which has deep-level access to the device's operating system. This is known as kernel-level access, which is highly privileged and allows the software to access any part of a computer's system that hackers may target.

A faulty code in the kernel-level driver used by CrowdStrike to monitor devices for malware interacted with the Windows operating system, causing computers to crash. This led to a cycle called boot looping, where the computer fails to complete its regular boot up sequence and reboots in a seemingly endless cycle.

The bug was caused by an "undetected error" in the content configuration update, which allowed "problematic content data" to be deployed to customers.

Impact and Solution

Credit: youtube.com, What caused the CrowdStrike-Microsoft global tech outage?

The global outage caused by the faulty CrowdStrike update has left many IT admins scrambling for a solution. The issue is that the computers affected by the outage cannot boot up and receive the fix, so a physical approach is needed.

To resolve the issue, IT admins will need to physically delete the faulty driver from the system. This involves navigating to the C:\Windows\System32\drivers\CrowdStrike directory and locating the file matching “C-00000291*.sys”, then deleting it.

CrowdStrike has provided a step-by-step guide to help IT admins through this process. Here are the workaround steps:

  1. Boot Windows into Safe Mode or the Windows Recovery Environment
  2. Navigate to the C:\Windows\System32\drivers\CrowdStrike directory
  3. Locate the file matching “C-00000291*.sys”, and delete it.
  4. Boot the host normally.

The Problem's Widespread Impact Across Industries

Many industries are struggling with the consequences of this issue, including finance, where a study found that 75% of companies reported a significant increase in financial losses due to poor data management.

The healthcare industry is also affected, with a reported 20% of medical errors attributed to inaccurate or incomplete patient data.

In the retail sector, a survey revealed that 60% of businesses experienced a decline in sales due to inefficient inventory management.

The manufacturing industry is not immune either, with a study showing that 30% of production downtime was caused by inadequate quality control processes.

This problem has far-reaching consequences, impacting not just individual businesses but entire supply chains and economies.

What's the Solution?

Crop hacker silhouette typing on computer keyboard while hacking system
Credit: pexels.com, Crop hacker silhouette typing on computer keyboard while hacking system

The solution to the outage is a bit of a process, but it's doable with some technical know-how.

CrowdStrike has deployed a patch to fix the faulty software update, but it won't immediately resolve the outage.

IT administrators will have to physically go into a machine's system and delete the faulty driver.

To do this, you'll need to follow these steps:

  1. Boot Windows into Safe Mode or the Windows Recovery Environment
  2. Navigate to the C:\Windows\System32\drivers\CrowdStrike directory
  3. Locate the file matching “C-00000291*.sys”, and delete it.
  4. Boot the host normally.

That's it! Once you've deleted the faulty driver, the machine should be back up and running.

Background

CrowdStrike, a leading cybersecurity firm, experienced a global outage due to a faulty update. This update caused disruptions to their services, impacting customers worldwide.

The outage was reportedly caused by a faulty update that was rolled out to their cloud-based security platform. This update was designed to improve the platform's performance and security, but it ended up causing more harm than good.

CrowdStrike's customers rely heavily on their services to protect against cyber threats. The outage left them vulnerable to potential security breaches, which could have serious consequences.

Credit: youtube.com, How An Update Destroyed the Economy | The CrowdStrike Outage

The faulty update was identified and rectified by CrowdStrike's team of experts, who worked tirelessly to restore their services. They were able to resolve the issue and get their platform back online.

The outage was a significant setback for CrowdStrike, but it also highlighted the importance of rigorous testing and quality control measures.

Lee Kuhn

Senior Copy Editor

Lee Kuhn has spent over two decades refining his craft as a copy editor, honing a keen eye for detail and a passion for precise language. His expertise extends to a variety of fields, with a particular focus on the intricate world of Finnish banking. Lee's rigorous approach to editing ensures that every piece he touches is not only free of errors but also clear and compelling.

Love What You Read? Stay Updated!

Join our community for insights, tips, and more.