CrowdStrike hires outside help to track down cause of global outages as it reveals first findings
Security community struggles to find answers right under their nose
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
As CrowdStrike and its enterprise customers recover fromthe recent outage catastrophe, and it already being public knowledge thata pushed update caused the problem, the company has hired two security firms to look further into the issue.
The external code review was announced in a root causes analysis (PDF), while it was already known in the course of apost-incident reviewthat a system designed to validate content (a ‘Content Validator’) failed to kick in, allowing a faulty IPS Template Instance intended to detect attacks to validate, causing crashes due to out-of-bounds memory reads.
CrowdStrike has announced it intends to mitigate similar broken update disruption in the future by staggering template deployment across devices, and that its content validator now has runtime bounds, preventing the same kind of memory issues from happening. It also intends to perform more internal testing, but only time will tell if this will have much material impact.
CrowdStruck (with a corporate lawsuit)
Even if you aren’t completely sure what a content validator is or how exactly memory reads can go above their station, you can probably imagine that a phased update rollout system sounds like a good idea for a company with softwareinstalled on millions of Windows PCs.
CrowdStrike’s shareholders have been thinking along the same lines, and have alreadyfiled a class-action lawsuitagainst the company for failing to implement such a system. Delta, meanwhile, aresuing on the basis of lost revenue over a six-day period- which CrowdStrike say, perhaps with good reason, is Delta’s fault, actually,
Then again, it also said, about the shareholders case, that it believes the case ‘lacks merit’, and it’s hard to argue that one given that the implementation, or lack thereof, of a rolling patch system, lies entirely at CrowdStrike’s feet.
ViaThe Register
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
More from TechRadar Pro
Luke Hughes holds the role of Staff Writer at TechRadar Pro, producing news, features and deals content across topics ranging from computing to cloud services, cybersecurity, data privacy and business software.
Adobe’s decision to eliminate perpetual licensing for its Elements software has stirred controversy among consumers
VIPRE Security Group says its new endpoint protection tools can stamp out even the latest cybersecurity threats
Huge Black Friday Samsung sale: save up to $1,900 on QLED, OLED TVs, and more
