CrowdStrike blames quality control bug for faulty update

A full Root Cause Analysis will be publicly released once the investigation is complete.

CrowdStrike has issued a preliminary review of the recent issue affecting its Falcon sensor and Windows operating system. On July 19, 2024, a problematic update to CrowdStrike’s Rapid Response Content led to a system crash on Windows machines running sensor version 7.11 and above. The update was designed to gather telemetry on new threats but inadvertently caused an out-of-bounds memory read, resulting in a Windows blue screen error.

The faulty update was reverted within an hour of deployment, and systems that came online after the fix were not affected. The issue was traced to a bug in the Content Validator, which allowed the problematic content to pass validation. CrowdStrike is now taking steps to improve its testing and validation processes to prevent similar issues in the future, including enhancing error handling, adding more validation checks, and implementing a staggered deployment strategy for updates.

CrowdStrike will release a detailed Root Cause Analysis later, and the impacted channel file has been deprecated to prevent further disruptions. The company is also improving its monitoring and providing customers with better control over update deployments.