CrowdStrike reveals more details about how the global failure occurred.
Days after a faulty update took down an estimated 8.5 million Windows computers, CrowdStrike, the cybersecurity firm that caused the crash, has shared more information about how exactly it occurred.
In its initial post-incident review published Wednesday, CrowdStrike says a bug in its validation systems allowed some “problematic content data” to skirt past existing checks. The data was in what CrowdStrike calls a “Rapid Response Content” update, which is stored in a binary file and therefore is not code or a kernel driver.
“Problematic content in Channel File 291 resulted in an out-of-bounds memory read triggering an exception. This unexpected exception could not be gracefully handled, resulting in a Windows operating system crash (BSOD)”, the company explains.
