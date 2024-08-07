Technology News
English Edition

CrowdStrike Conducts External Review to Better Understand What Triggered the Global Outage

The root cause analysis conducted by external vendors has revealed an interprocess communication (IPC) template type error.

Written by Akash Dutta, Edited by Siddharth Suvarna | Updated: 7 August 2024 16:05 IST
CrowdStrike Conducts External Review to Better Understand What Triggered the Global Outage

Photo Credit: Unsplash/Windows

Microsoft services such as Office 365 and Azure were affected during the CrowdStrike outage

Highlights
  • CrowdStrike did not name the vendors performing the external review
  • The CrowdStrike outage occurred on July 19
  • The outage affected Windows laptops and desktops globally
Advertisement

CrowdStrike, the US-based cybersecurity firm, caused a global outage on July 19 after an update resulted in Windows laptops and desktops crashing and getting stuck in a boot loop. The outage lasted multiple hours affecting different sectors including airlines, healthcare, IT, and more. After fixing the issue, the company published a post-incident report highlighting that its artificial intelligence (AI) system dubbed 'Falcon sensor' caused an error. Now, the company has published a detailed report after conducting an external review to highlight what exactly went wrong.

CrowdStrike Publishes External Review Report

In a report titled ‘External Technical Root Cause Analysis — Channel File 291', the cybersecurity firm said it found that the Falcon sensor deployed an erroneous template type string which affected Windows interprocess communication (IPC) mechanisms.

As per CrowdStrike, Falcon runs machine-learning models that automatically identify and remediate the latest and advanced threats from bad actors. Right before the July 19 outage, the detection functionality pushed a new “template type” to millions of computers of customers' Falcon installations in version 7.11.

However, this is where things went wrong. The report highlighted that the IPC template type had defined 21 input parameter fields but “the integration code that invoked the Content Interpreter with Channel File 291's Template Instances supplied only 20 input values to match against.” This mismatch is usually not a concern since so far the AI system has never picked an input outside the given 20.

But on that day, the sensor asked to inspect template type 21. Since there was no corresponding integration code relating to it, the attempt to access the 21st input parameter created an out-of-bounds memory error and resulted in a system crash.

Highlighting steps for mitigation, the report claimed that CrowdStrike developed a patch for the Sensor Content Compiler that validates the number of inputs provided by a Template Type. This went into production on July 27. The firm said that it has also focused on increased testing and validation before pushing an update. Further, it has also stated that all future updates will be rolled out in a phased manner to minimise any potential error.

Notably, no details about the external vendors who conducted the review were provided.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: CrowdStrike, Microsoft Hub, Laptops
Akash Dutta
Akash Dutta
Akash Dutta is a Senior Sub Editor at Gadgets 360. He is particularly interested in the social impact of technological developments and loves reading about emerging fields such as AI, metaverse, and fediverse. In his free time, he can be seen supporting his favourite football club - Chelsea, watching movies and anime, and sharing passionate opinions on food. More
Tata Curvv EV With Level 2 ADAS Capabilities, 585KM Claimed Range Launched in India: Price, Features
CoinDCX Announces Rs. 50 Crore Investor Protection Fund Following WazirX Hack

Related Stories

CrowdStrike Conducts External Review to Better Understand What Triggered the Global Outage
Comment
Share on Facebook Gadgets360 Twitter Share Tweet Snapchat Share Reddit Comment google-newsGoogle News
 
 

Advertisement

Featured
Follow Us
Latest Videos
More Videos
Tech News in Hindi
More Technology News in Hindi
Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. Tata Curvv EV Launched in India With Level 2 ADAS Capabilities
  2. Vivo V40 Series With Zeiss Tuned Cameras, 5,500mAh Battery Debuts in India
  3. Huawei Watch Fit 2 With Up to 10 Days Battery Life Launched in India
  4. Vivo V40 Pro First Impressions
  5. CoinDCX Introduces Rs. 50 Crore Fund to Safeguard Investors: Details
  6. Google Launches TV Streamer (4K) With Gemini AI Capabilities
#Latest Stories
  1. CrowdStrike Conducts External Review to Better Understand What Triggered the Global Outage
  2. Microsoft Announces First Wave of Xbox Game Pass August Tiles, Crash Bandicoot N. Sane Trilogy Confirmed
  3. Tata Curvv EV With Level 2 ADAS Capabilities, 585KM Claimed Range Launched in India: Price, Features
  4. CoinDCX Announces Rs. 50 Crore Investor Protection Fund Following WazirX Hack
  5. Realme's 300W Fast-Charging Technology Tipped to Be Revealed Alongside Realme GT 7 Pro
  6. Realme 13+ 5G Design, Key Specifications Leaked Via TENAA Website Listing
  7. ChatGPT App for macOS Gets New Update, Enables Multitasking via Companion Window
  8. Android 14 August Security Patch Rolled Out for Supported Pixel Smartphones: What’s New
  9. Star Wars Jedi: Survivor is Coming to PS4 and Xbox One in September
  10. Google Integrating Gemini AI Capabilities Into Nest Cameras and Google Home Experiences
Gadgets 360 is available in
Follow Us
Download Our Apps
App Store App Store
Available in Hindi
App Store
© Copyright Red Pixels Ventures Limited 2024. All rights reserved.
Trending Products »
Latest Tech News »