CrowdStrike reveals what went wrong and it's pretty much what we expected
Date:
Wed, 24 Jul 2024 10:39:54 +0000
Description:
CrowdStrike thinks it knows what caused the blue screen of death on millions of Windows devices.
FULL STORY ======================================================================
CrowdStrike has revealed its initial findings into what was behind the recent incident affecting millions of Windows devices around the world.
In a preliminary Post Incident Review (PIR), the company acknowledged a significant issue caused by a content configuration update, leading to a mass Windows ecosystem crash on July 19.
The incident, which was believed to have affected 8.5 million Windows machines, occurred after a routine update intended to enhance telemetry for detecting novel threat techniques. In this case, the problematic update led to out-of-bounds memory reads, causing the infamous blue screen of death.
The issue impacted Windows hosts running sensor version 7.11 and above that were online between 04:09 and 05:27 UTC on the day of the incident.
CrowdStrike CEO George Kurtz issued an apology, emphasizing that this was not the result of a cyberattack but rather an internal software problem. He reassured customers that measures are being taken to prevent similar issues in the future.
The root of the problem lies in the Rapid Response Content, designed to dynamically update threat detection capabilities without altering the sensor code. The problematic update included two new IPS Template Instances intended to detect attacks exploiting Named Pipes.
However, due to a bug in the Content Validator, one of these instances with faulty data passed through the validation process, causing the crashes.
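As an added illustration of the failure class the article describes (faulty content data slipping past a validator and then driving an out-of-bounds read in the component that consumes it), here is a constructed record layout with a lax validator beside a strict one. This is example code, not CrowdStrike's sensor code, and the record format, field names and sample records are all assumptions made for the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>

/* Hypothetical template-instance record (constructed for this example, not
 * the real channel-file format): a declared field count, one byte offset per
 * field, and the payload those offsets are supposed to point into. */
#define MAX_FIELDS 8

typedef struct {
    uint8_t field_count;
    uint8_t offsets[MAX_FIELDS];
    uint8_t payload[16];
} template_instance;

/* Lax validator: checks only the declared count, never where the offsets
 * point. A record whose offset lies past the payload passes unchallenged. */
bool validate_lax(const template_instance *t)
{
    return t->field_count <= MAX_FIELDS;
}

/* Strict validator: every offset the consumer will dereference must fall
 * inside the payload, so a faulty record is rejected before it ships. */
bool validate_strict(const template_instance *t)
{
    if (t->field_count > MAX_FIELDS)
        return false;
    for (size_t i = 0; i < t->field_count; i++)
        if (t->offsets[i] >= sizeof t->payload)
            return false;
    return true;
}

/* Consumer side: returns the byte a field points at, or -1 if the field is
 * unsafe. Without this guard, a record that only passed validate_lax would
 * make the consumer read past payload[] (the out-of-bounds read). */
int read_field(const template_instance *t, size_t i)
{
    if (i >= t->field_count || t->offsets[i] >= sizeof t->payload)
        return -1;
    return t->payload[t->offsets[i]];
}

/* Constructed records: the faulty one carries offset 0x40 into a 16-byte payload. */
const template_instance faulty = { 2, {3, 0x40}, "named-pipe-rule" };
const template_instance good   = { 2, {3, 5},    "named-pipe-rule" };
```

The lax validator accepts `faulty`, the strict one rejects it, and the guarded consumer refuses the bad field instead of reading past the buffer.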
In response to the recent, widespread problems, CrowdStrike's PIR outlines several steps to enhance testing and deployment processes to prevent recurrence, including more rigorous testing, staggered deployment, improved monitoring and giving customers more control over their updates.
Additionally, further details are promised to be provided in the full Root Cause Analysis, which the company has committed to releasing publicly. In the meantime, CrowdStrike says it's working with affected customers to continue restoring normal operations.
======================================================================
Link to news story:
https://www.techradar.com/pro/security/crowdstrike-reveals-what-went-wrong-and-its-pretty-much-what-we-expected
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)