CrowdStrike outage: We just got more info on what, exactly, caused the chaos
CrowdStrike released a new report.
We’ve got new details on the CrowdStrike outages.
Credit: Karl-Josef Hildenbrand/picture alliance via Getty Images
CrowdStrike has released further details Wednesday on the software issue that caused mass outages while taking down 8.5 million Windows machines.
The company posted a post incident review (PIR) on its website detailing the problem and outlined steps on how it can improve moving forward. You can read through the entire PIR, but it’s not particularly intended for casual readers — it’s primarily for the technical folks.
So what happened, exactly?
The TL;DR is that CrowdStrike sent out Rapid Response Content — an update designed to respond to the changing threat landscape — but there was a bug in its Content Validator. Despite this, the update, which contained the problematic content data, rolled out to customers. The issue “resulted in an out-of-bounds memory read” which, in turn, led to Windows crashing (i.e., showing the dreaded Blue Screen of Death).
Mashable Light Speed
Because so many companies used CrowdStrike, the miniscule error ended up being a massive issue. It was a small 40KB file that caused the problem, the Verge noted. That little mistake had the airline, healthcare, and banking industries out of commission.
How does the PIR detail plans to prevent such issues in the future? It will increase testing for Rapid Response Content, add new checks for the Content Validator, and change the way it rolls out Rapid Response Content.
Tim Marcin is a culture reporter at Mashable, where he writes about food, fitness, weird stuff on the internet, and, well, just about anything else. You can find him posting endlessly about Buffalo wings on Twitter at @timmarcin.
This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.